 | This articleis missing information about intended and actual uses. Please expand the article to include this information. Further details may exist on thetalk page.(February 2025) |
| Introduced |
|
|---|---|
| TLD type | Generic top-level domain |
| Status | Active |
| Registry | Alphabet Inc. |
| Registered domains | 14,000 (2024)[1] |
.zip is atop-level domain name operated byGoogle.[2] It is ageneric top-level domain (gTLD) introduced under theInternet Corporation for Assigned Names and Numbers's new gTLD program. Approved as a part of the program, .zip became available to the general public on May 3, 2023.
The qualifier.zip is also associated with the widely recognized.zip file format, commonly used for file compression and archiving, and its approval as a gTLD received criticism for the security concerns that may arise as a consequence.
Google opened registration for the .zip and.mov top-level domains to the general public on May 3, 2023. Its release was immediately met with condemnation from cyber security experts as a result of its similarity with the file format of the same name.[3][4]Malwarebytes warned against the use of already recognizable filenames and their confusion with top-level domains, as "plenty of users already have a clear idea that .zip means something completely different".[5] Experts cautioned against their use, and noted that the use of.zip filetypes in cybercrime had had "an explosion" in recent years.[5]Cisco warned against the potential for leaks forpersonal identifying information.[6] Researchers also registered similar concern about Google's .mov domain.[3][4]
Surveys by security researchers immediately following public release of domain registration found numerous examples of links and domains registered under .zip being used inphishing attempts, and the ICSS recommended disabling access to .zip domains until "the dust settles and risks can be assessed".[7]
Following its release to the general public, .zip domain registrations were one of the most popular new domains registered in mid-2023, during the domain's landrush and early access period.[8] Security researchers noted high levels of phishing domains and high levels of redirection campaigns. Shortly after its release, some security vendors blocked access to .zip domains, and new domains under these TLDs began to be scrutinized more carefully.[8]
One month after its public release in June 2023, there were 13,796 .zip domains registered;[9] which rose to over 14,000 as of November 2024[update].[1] Security researchers found that the rate of malicious registrations for the domain was approximately 0.20%, slightly below the global average of 0.22%. This was still higher than the abuse rate of 0.06% seen in EuropeanccTLDs.[9]
