Hackers have ruined gTLD reputation
2 min read

Hackers have ruined gTLD reputation

Since gTLD became a thing, we've seen people finding creative ways to use these new domain extensions, making creative branding domains to using a gTLD instead of hoarding .com/.net for their next big project. There was a lot of good to this, The creative marketing and branding agencies in the recent past came up with the most unique ideas to brand a business online using these generic domain extensions. However, since there were an abundance of domain extensions available, scammers also got strong with their game and started using gTLDs as a phishing/email bombing tool. Some of these gTLDs are always on a dirt cheap sale to promote their use and it has made it rather easier for scammers & spammers to buy out random domains in bulk causing mass blacklisting of such domains world wide. With regards to the usability stand point, some domain extensions have become such a victim that legitimate businesses choose to stay away with them. Very recently, my consultation firm (ORNG) had also got rid of about 10 such domains that we used for testing. The challenges we faced primarily was bad email delivery, difficulty to get good page rank despite having unique and high value content & a lack of trust between the product and it's intended audience.

We decided to get rid of our stack of gTLDs (xyz, live, email, social, buzz etc.) and instead using the more trusted extensions like .com/.net/.in . We've been faced with a number of challenges regarding some of our business verticals. We're still figuring out a strategy to best fit the domains or rename a few entities to better align them to the mainstream TLDs.

As a safety concern, I'd like to warn you to check the sender email before reacting to an email (particularly if it claims to be from your social media, bank or a service that you use). I mean scams that announce that you've won cash rewards are very obvious, You read the title and you already know it's a scam. However, how to distinguish between an email sent by twitter or someone pretending to be twitter? The easiest way to find that out is to check the sender. If the sender ends with @twitter.com then we know it's legit, but, anything other than that must be taken with caution. e.g. twitter won't ever send an email from @twitter-com.xyz or @twitter-secure-account.link or anyhting such. Please be very careful and check the sender email.