Cybersecurity company Netcraft has released a report on the rise in .AI domain name abuse. Formally, this domain is the national domain of Anguilla, a self-governing overseas territory of Great Britain in the Caribbean, but registration of names in it is available to everyone, and along with the avalanche-like growth in the popularity of chatbots and the topic of artificial intelligence (AI - stands for Artificial Intelligence) among those interested, of course, there is no shortage. According to Netcraft, the number of .AI domain names used by web servers has grown by 12,523% over 10 years, from 913 to 115,245 domains. IP addresses and active websites associated with domain names in the .AI zone showed similarly dramatic growth – from 165 to 37,041 and from 647 to 112,600, respectively.
The downside of this popularity has predictably been an increase in cases of illegal use of domain names in the .AI domain. If until 2016 the number of blocked names in this domain did not exceed 50 per year, then in 2022 it exceeded 350, and this year it has already reached 450. It should be clear that the annual registration of a domain name in the .AI zone costs Not cheap at all - about $60. Why would cybercriminals spend so much money when they have so many new gTLDs where they can register a domain name for less than $1?
The authors of the Netcraft report themselves are trying to answer this question. “We suspect that criminals believe that the implied ‘legitimacy’ of .ai domains is worth the extra cost, as there is a notable proportion of purpose-registered .ai sites (particularly for cryptocurrency investment scams). The hype surrounding AI over the last few years perhaps explains why victims are ignoring long-established conventions of ‘avoiding unknown links’, and instead are willing to click on .ai URLs. In the past year, there have been numerous legitimate AI products created (mostly from new/generic brand names), which means victims are getting used to seeing (and clicking on) .ai brands and URLs. The increasing familiarity of seeing domains that end in .ai – coupled with a curiosity about AI fuelled by months of media speculation – makes the .ai ccTLD attractive for cybercriminals.”
As the Domain Name Wire notes, this primarily concerns complex and sophisticated fraudulent schemes. If we are talking about primitive spamming, a $60 domain name is, of course, an unnecessary luxury. But where criminals are preparing, for example, the most plausible frauds with the “distribution” of cryptocurrency, such a name will come in handy for them.
