Here is an example:
Cybercriminals can clone or create a fake copy of "www.yahoo.com", call the cloned version of the website "www.yahoo.icu". Many online users who are tricked into visiting the fake website, would not notice the “.icu” at the end of the name, or may even think Yahoo is using a new website domain name. Therefore, they would think they are on the legitimate Yahoo website. But, any attempts to sign into the fake website by visitors, will result in their Yahoo usernames and passwords being sent to the cybercriminals responsible for the website, who will use the stolen credentials to hijack the visitors' email accounts, which will be used fraudulently.
Online users who think they were tricked into visiting phishing websites that steal online usernames and password, should change their passwords immediately before their accounts are hijacked and used fraudulently.
We are not saying all websites with names ending with “.icu” are dangerous. We just want online users to be aware of those fraudulent “.icu” Top Level Domain name(TLD) websites, which are being created by hackers, scammers and other cybercriminals.