Anti-virus software company McAfee said yesterday that ".hk" websites are the most dangerous to access, but the Hong Kong Domain Name Registration Co Ltd called McAfee's figures obsolete and said the situation has improved.

McAfee released a report yesterday claiming that ".hk" domains have jumped 28 places to become the most dangerous sites to surf as 19.2 percent of these websites pose a security threat to web users.

Given the Internet's popularity in Hong Kong, the city's websites are naturally a target for hackers.

In a press conference held later in the day, Jonathan Shea, chief executive officer of the Hong Kong Domain Name Registration Co Ltd (HKDNR), called McAfee's report outdated.

Noting the report was only based on 2007 data, he said the situation has improved a lot over the past year as the HKDNR has taken effective steps to tighten the domain registration procedure and wiped out suspicious websites.

"The report contained only old data as a year in the cyberworld is a very very long time, and '.hk' domains are quite safe to use now," he told a press conference.

Shea disclosed that from early 2007, the HKDNR began verifying phishing and spamvertising domains with the help of police and the Hong Kong Computer Emergency Response Team Coordination Centre (HKCert).

Phishing refers to criminals attempting to steal such sensitive information as user names, passwords and credit card details of web users; while spamvertising is a practice of sending emails with links to pornographic and poker sites.

As a result, 7,000 suspicious domains were suspended in July last year, and the number of phishing and spamvertising cases had dropped significantly to just a few cases in each of the first three months in 2008.

Roy Ko, HKCert manager, said he is doubtful about the McAfee report and said malicious websites exist all over the world.

Meanwhile, he asked users to be cautious over all sorts of websites, including those that appear to be familiar.

It is always safer to access a website by typing in its address directly instead of clicking on hyperlinks provided in other websites, he said.

When reading email, users need to pay attention to the subject. Sometimes the names of the senders may seem familiar, they could actually be hackers in disguise, he added.

(HK Edition 06/06/2008 page1)