Over the past couple of years the list of Top Level Domains (TLD’s) has been expanding. A TLD is the bit after the dot in a domain name, so .com, .net, .org, and so on.
While the Domain Name System (DNS) has existed for only a couple of decades now, getting good domain names has become almost impossible, with most reasonable names long gone. The surge in weirdly named web sites, Flickr, Tumblr, etc was a reaction to this, as they made up names since the dictionary has long since been plundered for every conceivable variation on sensible names.
So the addition of new TLD’s was supposed to open up the variety of names again, so that similarly named companies, in different sectors could have their real names, but still be distinctly different. So .bar, .voting, .systems, .sexy and many, many others were created. And have flopped hard, with very few taking advantage of this.
The flaw in the plan has been twofold. Firstly any company of any status wants to cover as many domains as humanly possible, so their “brand” cannot be harmed by someone masquerading as them. So large companies will register the TLD for their particular sector, So for example, Microsoft.website links to the Microsoft search engine Bing. This means that any other companies which just happen to be called the same name (I think Microsoft might actually be fine on this one, as I can’t think of a non-computing sector company with might plausibly have the same name) are still forced to register some strange variation of it to get the website online.
Secondly, the exact problem that companies are worried about, that people pretending to be them might register their name in one of these new TLD’s, is exactly what is happening.
The .xyz top level domain in particular I’ve heard described as a wasteland. While there may be legitimate users of this TLD, the vast majority of it is used for spreading malware, luring the unsuspecting user to open the sites and download spyware and worse onto their device. While I’ve been looking into this subject for a couple of days in preparation for writing this post, my youngest son brought me his kindle just a couple of hours ago, which was displaying a official looking website with the Google branding on it, claiming his device was infected and he needed to click to download software to fix it. Although I was skeptical from the outset, as soon as I spotted the .xyz domain name I knew with 100% certainty that it was not a legitimate google site, and explained to my son exactly why he shouldn’t click on links when he didn’t know where they led to (in this case the link was in the description of a youtube video he’d been watching).
So, from a user point of view, these TLD’s should be considered a danger sign, and something to avoid. And from a web site owners point of view, they should be considered toxic, and something to avoid or be tarred with the same brush. For now at least, everyone should stick with the good old reliable .com’s, .net’s and .org’s, and obviously your own country TLD’s.
Hopefully in a couple of years, things will change, but for the moment, all I can recommend is steer clear both as a user, and a site owner is to avoid these TLD’s.