Considering that most of the big sites run local variants of their services using these TLDs is it fair to assume that one of these next ones could be of the phishing kind?
What's the best thing to do - always use the .com hoping that it is safer?
ICANN needs to mandate stronger requirements for best practices with web based management UIs. Unfortunately they have little in the way of real control over ccTLDs.
You'd be best served registering ccTLDs and redirecting them to your gTLD of choice (say, .com) and not trying to serve localized content from them.
> Unfortunately they have little in the way of real control over ccTLDs.
Hopefully NTIA can empower ICANN (as the IANA operator) to better exercise security requirements against ccTLDs. Ultimately NTIA can pull the ccTLD from the root, which is a stick we could use increase the overall security of the internet, but I would prefer we find a carrot.