Many major companies are rushing to snap up exclusive new domains being made available by ICANN (Internet Corp. for Assigned Names and Numbers) in hopes they will help discourage phishing attacks and make brandjacking more difficult.
ICANN, essentially the company that oversees the Internet, has begun offering companies the chance to have domain names that end in the abbreviated form of their names such as .citi or .bofa (for Bank of America). These specialized domains don’t come cheap – companies who want them must fork over $138,000 each – and won’t go live until they are approved, which won’t start happening until sometime next year.
“Hackers can buy domain names at registrars like Go Daddy Group Inc. that alter a letter or two in a company’s brand name—replacing “of” with “at” in bankofamerica.com, for example—and trick consumers by sending them emails dressed up with Bank of America’s logo”, said Jeff Ernst, an analyst at Forrester Research who has advised companies on how to manage the new addresses.
So far many of the most exploited brands have applied for the new extensions, including Bank of America, Barclays, Citibank and JP Morgan Chase. These, and many more well known companies such as Ebay, Paypal, HSBC and UPS, are heavily brandjacked by spammers and phishers hoping to trick people into turning over their log in and financial info. They’ve become quite good at making their spam messages look like legit messages from those companies but one thing they were never able to fake was the domain name. Most people know all they have to do is hover their cursor over the links in an email message to see if it really goes where it says it does. The companies buying the new domain extensions hope they will provide customers with an extra layer of confidence and security. However, what if an enterprising scammer or cybercrime gang were to snap up one of these domains?
Do you think it could happen? If it did, it could very well give a scammer the most convincing phishing attack ever! Say they bought .hsbc or .ups. Can you imagine? One hopes ICANN has some sort of verification system in place so that only the companies that own the original name can get the domain extension version. What do you think? Will this help crack down on phishing or backfire?