Antivirus firm McAfee says sites using the world’s most heavily trafficked web domain — sites that end in “.com” — are also the riskiest.

Of the 27 million web sites McAfee scanned, more than 6.2 percent — or 1.67 million web sites — pose security threats for users (compare that to only 4.1 percent deemed risky back in 2007 and 2008). And 56 percent of those dangerous sites are on the .com domain. This means that if you visit a site that ends with .com, you will hit a dangerous site about 6.2 percent of the time, according to McAfee’s fourth annual Mapping the Mal Web report.

Japan’s .jp ranks as the safest domain on the web for the second year in a row. One of the riskiest country domains is Vietnam’s “.vn,” which moved from 39th on the list last year to third this year. About 58 percent of the .vn sites on the web pose some kind of security risk, McAfee said. Paula Greve, director of web security research for McAfee Labs, said in an interview that cybercriminals are shifting tactics to lure new victims.

Cybercriminals target regions where registering sites is cheap and convenient and where security is light. That’s why Vietnam’s .vn has become a popular staging ground. Meanwhile Singapore’s “.sg” domain managed to move from No. 10 on the risky list last year to No. 81 this year, thanks to improved security levels.

“A domain that is safe one year can be dangerous the next,” Greve said.

It certainly pays to notice the top-level domain, or TLD, that serves as the suffix for a web site. If you mis-type “.cm” instead of “.com,” you are often taken to a malicious site registered in the country of Cameroon.

Side note: McAfee is in the midst of being acquired by Intel.