McAfee found no risky Web sites within the domain for government agencies in the U.S., it said in a report published Monday. In contrast, one in 10 Web sites that end in .tk, the domain for the tiny island of Tokelau, either spread malicious software or warrant a warning because of pop-ups or other nuisances, McAfee said.
The Santa Clara, Calif.-based security firm tested millions of Web sites in 265, representing more than 95 percent of the trafficked Web, it said. "The report...revealed surprisingly large differences in safety from one domain to another," McAfee said in a statement.
Overall, 4.1 percent of tested Web sites require a warning, McAfee said. The company used its. A site with a red flag typically delivers malicious software such as adware, spyware or viruses; a yellow site may deliver pop-ups. Green sites are considered safe.
The most risky large country domains are Romania (.ro) and Russia (.ru), of which 5.6 percent and 4.5 percent, respectively, require a warning, McAfee said. These country domains are also the most likely to host sites that silently try to exploit security holes in Web browsers to install malicious programs,, McAfee said.
It is safer to surf to Web sites in the domains for Finland (.fi), Ireland (.ie) and Norway (.no), McAfee said. Of all sites tested in those domains, 0.10 percent, 0.11 percent and 0.16 percent, respectively, raise concerns, according to the McAfee report.
While .com is the most popular generic domain, it is not the riskiest one. That dubious honor goes to .info with 7.5 percent of its sites rated as risky by McAfee. The runner-up is .com with 5.5 percent of sites labeled as perilous, it said.
Still, many more people surf to dangerous Web sites in the .com domain, McAfee said. The popularity of .com magnifies its impact on search and browsing; 86.6 percent of clicks to sites that set off the SiteAdvisor alarm go to .com sites, McAfee said.
The complete study and results, along with an interactive map, are available online.