It has everything to do with being open/closed source. If it were open, you could trivially fix this behavior. Instead, and I quote:
"the DHCP server on these modems hands out leases with the DNS suffix fritz.box, which means that domains in DNS requests are appended with the suffix. Unfortunately, this setting cannot be modified...
...The only proper way to resolve this matter in my opinion is to disable the DNS suffix by default. So far there is no indication that AVM is planning to enable this option in the near future."
Well yeah, quick mitigation is easier with open source. But the cause is still entirely on the gTLD mechanism itself. The ability to register gTLDs such as .zip is ridiculous and opens up this sort of phishing and hijacking in absolutely unforeseen places.
"the DHCP server on these modems hands out leases with the DNS suffix fritz.box, which means that domains in DNS requests are appended with the suffix. Unfortunately, this setting cannot be modified...
...The only proper way to resolve this matter in my opinion is to disable the DNS suffix by default. So far there is no indication that AVM is planning to enable this option in the near future."