The New gTLD program of registration for new generic top-level domains designated for certain types of communities and organizations was launched in January 2014. New domains almost immediately became an arena for the large-scale distribution of advertising spam, phishing and malicious emails. Cybercriminals either registered domains to spread spam mass mailings, hacked existing sites to place spam pages, or used these and other web resources in chains that redirect users to spam sites. Spam offering insurance services used newly-created domains as well as compromised or expired ones.”]
Source: https://securelist.com/spam-and-phishing-in-the-first-quarter-of-2015/69932/