Chinese domains — Western porn

Over the past year SophosLabs have noticed a trend that shows no sign in stopping. The trend is that some countries’ TLDs are being abused by spammers to host content for the English speaking world.

Earlier this year we saw Belgium’s TLD (Top Level Domain), .be, being abused because you could get 10 free .be domains. Currently, the TLD of choice for spammer is either .hk or .cn (Hong Kong and China respectively).

Today the spam has mainly been porn related, though over the past week we have seen phishing and medicine related spam.

Messages

The content of the domains is typically quite salacious.

Content

Fortunately, SophosLabs are blocking spam from these domains automatically. Whatever else the New Year brings spammers will be attempting to bypass our protection to sell you porn/meds/etc, and we will update the protection to stop them.

Happy New Year from all in SophosLabs.