The internet naming system threatens intellectual property rights, while providing a haven for malware and ‘cybersquatters’, experts have said.

The United Nations’ agency the World Intellectual Property Organisation (WIPO) has warned the growing trend towards mass harvesting of top level domain (TLD) names, like .net and or country codes such as, by ‘cybersquatters’ has made the task of pursuing those who infringe brand and intellectual property rights much harder. It can also make it more difficult for users to find genuine sites, it added.

The WIPO reported the number of disputes it was called on in its capacity as arbiter in such matters had grown exponentially, with 1,823 cases investigated last year alone topping the previous high in 2000.

The practice of cheap or free registration of new domain names had excerbated the problem, making the job of tracking cybersquatters akin to hitting a ‘moving target,’ said a WIPO spokesman.

At the same time, the growth in this ‘domain-name tasting’ in websites fuelled their use for spamming or hosting malicious software, according to research from McAfee.

The study, released Monday, highlights continuing problems concerning how websites are registered and the ease with which cybercriminals can change websites to continue online scams.

McAfee analysed 8.1 million of the world's most heavily visited websites registered on 265 top-level domains (TLDs), such as ".com" and ".biz" along with country-specific ones, such as ".jp" for Japan.

Small islands with their own TLDs remain troublesome. For example, some 18.5% of websites registered under the ".st" TLD are considered "risky" for either spam or other malicious activity, McAfee said. The TLD belongs to Sao Tome and Principe, a country of two volcanic islands west of Gabon. While Tokelau (.tk), a territory of New Zealand in the south Pacific, and Niue (.nu), also in the south Pacific east of Tonga, give out domains for free. That's good for scammers, who often need to register new domains as older ones are blocked by security software.

The safest TLDs belong to countries with stronger registration rules. Japan, Ireland, Sweden and Finland require a local postal address, while businesses in Norway have to register with the government to get a ".no" domain. Consequently, McAfee found the lowest percentage of bad websites in those domains.

Australia and Canada, McAfee said, require a local contact for registration, which often deters spammer since registrations take more time.

The ".info" domain ranked first among generic TLDs for its percentage of risky sites, at 7.5%, McAfee said. The domain also hosts many Web sites that send "spammy" e-mail, the vendor said. Users also have a 73.2% chance of receiving a spam email by giving their address to a random ".info" site, McAfee said.

The ".com" domain – created in the 1980s – came in second for risk, with 5.5% of its websites considered questionable, McAfee said.

Additional reporting by Jeremy Kirk, IDG News Service London