WSJ: Banks Looking To New gTLD’s To Stop Phishing
The WallStretJournal published a story on how banks are looking to using their applied for new gTLD’s to cut down on phishing of bank sites on the net.
“Financial-services companies are snatching up new, exclusive Internet addresses in an effort to crack down on cybercrime, which one analyst said cost the industry an estimated $2.5 billion last year.”
“The companies buying up addresses include some of the biggest players in the industry: American Express Co., Capital One Financial Corp., J.P. Morgan Chase& Co., Barclays PLC, Bank of America Corp. and Citigroup Inc”
“The firms have paid at least $3.3 million, or $185,000 per address, to the nonprofit organization that oversees the Internet to secure new exclusive domain extensions, the letters that appear at the end of a website address, such as dot-com or dot-gov.”
“The new addresses include extensions like dot-citi, dot-bofa and dot-barclays. The banks hope these extensions will help their online customers know they are actually dealing with the bank and not a scam website trying to pilfer personal information.”
Web browsers won’t see the new addresses online until the Internet Corp. for Assigned Names and Numbers, or Icann, the organization that oversees the Internet, approves them.”
“Some may appear next year.”
“In 2011, the financial-services industry accounted for nearly half of all “phishing” attacks—attempts to steal customers’ personal data like credit card information, email addresses and passwords—according to the Anti-Phishing Working Group, a corporate group that addresses cybercrime issues.”
“Hackers can buy domain names at registrars like Go Daddy Group Inc. that alter a letter or two in a company’s brand name—replacing “of” with “at” in bankofamerica.com, for example—and trick consumers by sending them emails dressed up with Bank of America’s logo.”
“Controlling their own domains with exclusive address extensions could help financial-services companies fight phishing because criminals won’t be able to register domains that end in dot-jpmorgan, for example.”
“When we start to put things under dot-discover, it will be tougher to spoof them,” said Mike Boush, vice president of e-business at Discover Financial Services”
“Not all financial companies are convinced. Wells Fargo WFC -0.04% & Co. didn’t apply for one of the new addresses, citing investment costs and the potential for the dilution of its online brand, wellsfargo.com. “When’s the last time you used a dot-biz or dot-info?” said Beverly Butler, Wells Fargo’s vice president for its digital channels group.”
The story did not chat about other new gTLD’s like .Bank or .Secure which will likewise serve to cut down on Phishing.
Like them or not, new gTLD’s are putting domain names on the front page of major publications.