Phish-friendly domain registry ".top" put on notice

Perceived Abuse of .top and Other TLDs

  • Many commenters say .top is heavily used in phishing and smishing; several report recent USPS/package and government procurement scams using .top.
  • Some note similar patterns with .xyz, .io, .site, .cc, .zip, .tk, etc., and say they block these entire TLDs at the DNS, SMTP, or firewall level.
  • Others argue this harms legitimate small or hobby users who pick cheap TLDs (e.g., homelabs, teaching domains, novelty names).
  • A few suggest that if a TLD’s phishing rate is much higher (e.g., .top 4.2% vs .com 0.2%), blocking is justified to minimize collateral damage.

Debate on Default Blocking and “Allow Lists”

  • One camp favors browsers/mail clients shipping with a “default allow” list of safer TLDs, with users able to opt-in others.
  • Critics argue browsers must stay neutral and such mechanisms would invite pay-to-play abuse (large providers charging registries for inclusion).
  • Some individuals already approximate this via custom DNS services that block most new gTLDs.

.zip TLD and Auto-Linking Risks

  • Multiple anecdotes about .zip domains being globally blocked by organizations due to phishing concerns.
  • Key risk: auto-linkification in email, chat, and document apps turning plain filenames like package.zip into clickable links to attacker-controlled .zip domains.
  • Commenters detail how users can be tricked into thinking they’re downloading an attachment rather than visiting a website, blurring trust cues.
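The auto-linking problem above, shown as an added example (not code from any commenter or product): a naive linkifier beside a hardened one that refuses to turn a bare filename-like token into a link unless the author wrote an explicit scheme. The `EXTENSION_LIKE_TLDS` set and the sample strings are constructed for this illustration.

```javascript
// Added example: why auto-linkification of bare "name.zip" tokens is risky,
// and one defensive linkifier that keeps such tokens as plain text.

// TLDs that collide with common file extensions (constructed list; .zip and
// .mov are both delegated TLDs, which is what makes the collision real).
const EXTENSION_LIKE_TLDS = new Set(["zip", "mov"]);

// Matches an optional scheme plus a host-like token such as package.zip,
// www.example.com or https://example.zip (no paths, to keep the example small).
const HOST_RE = /\b((?:https?:\/\/)?(?:[a-z0-9-]+\.)+[a-z]{2,})\b/gi;

function hasScheme(token) {
  return /^https?:\/\//i.test(token);
}

// Naive linkifier: anything that looks like host.tld becomes clickable, so the
// filename "package.zip" in "Attached: package.zip" silently becomes a link to
// whoever registered package.zip.
function naiveLinkify(text) {
  return text.replace(HOST_RE, (token) => {
    const href = hasScheme(token) ? token : `http://${token}`;
    return `<a href="${href}">${token}</a>`;
  });
}

// Hardened linkifier: if the TLD collides with a file extension, link it only
// when the writer made the intent explicit with a scheme; otherwise leave the
// token as plain text so it reads as a filename, not a destination.
function safeLinkify(text) {
  return text.replace(HOST_RE, (token) => {
    const tld = token.split(".").pop().toLowerCase();
    if (EXTENSION_LIKE_TLDS.has(tld) && !hasScheme(token)) {
      return token; // plain text: no link, no misleading trust cue
    }
    const href = hasScheme(token) ? token : `http://${token}`;
    return `<a href="${href}">${token}</a>`;
  });
}

// Constructed sample message for a quick comparison of both behaviours.
function demo() {
  const msg = "Attached: package.zip for review, docs at www.example.com";
  return { naive: naiveLinkify(msg), safe: safeLinkify(msg) };
}
```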

Responsibility of Registries and ICANN

  • One side argues registries historically must act on abuse complaints; otherwise they risk losing accreditation.
  • Others see content-policing by registries/ICANN as a slippery slope toward censorship and believe ICANN should stay content-agnostic.
  • Some note that ICANN’s enforcement in practice is weak and slow, especially with overseas registrars.

Cost, Incentives, and Enforcement Limits

  • Cheap TLDs lower phishers’ costs and enable rapid domain churn; raising prices might only dent margins.
  • Suggestions include better anti-abuse teams, automated similarity/content checks, and stronger cross-border enforcement, but many doubt feasibility due to jurisdiction and geopolitical constraints.