"Is the New .zip Top-Level Domain a Cyber Security Risk?"

According to security experts, the new '.zip' top-level domain (TLD) could drive an increase in the spread of malware and undermine legitimate sources. TLDs are the letters that follow the final period in a URL, such as '.com.' At the beginning of May, Google announced the release of eight new options, including .dad, .phd, .prof, .esq, .foo, .zip, .mov, and .nexus. Although most of the new TLDs were created to correspond with specific job titles, there are concerns that the two that resemble file extensions, which are '.zip' and '.mov,' could be used by hackers to deceive users into entering malicious domains. Zipped archives are widely used in business because they enable the sharing of large amounts of data in a compressed format and are compatible with macOS, Windows, and Linux. Using the '.zip' TLD to disguise illegitimate links as downloadable files could lead to increased phishing attacks or the delivery of malicious .zip files, such as those used in recent Emotet botnet campaigns through domains resembling innocent files. This article continues to discuss the cybersecurity risk posed by the new .zip TLD. 

ITPro reports "Is the New .zip Top-Level Domain a Cyber Security Risk?"