The APWG (Anti-Phishing Working Group) has released their report for Q4 of 2014. It makes for fairly depressing ready, as you’d expect, but it’s worth taking the time to have a look over it.
So which TLDs are most (ab)used in phishing and malware attacks?
It’s hardly surprising that .com is the most (ab)used (46%) – it’s also the most popular domain extension. What is a little more interesting is that .br domain names account for only 1% of domains registered worldwide, yet 3% of domains used in phishing / malware.
Here’s a graphic to show it all in a bit more detail:
You can grab the full report here (PDF)