Cyber crime headache for banks to worsen

Australian banks are facing an even greater threat from cyber criminals following plans by ICANN, the internet's domain name system manager, to dramatically expand the number of top level domains ('.com', '.gov' etc) beyond the current 21 generic names.

According to e-commerce community advocate NetChoice combating internet scams and phishing attacks will be much harder if ICANN goes ahead with its proposal to allow anyone to apply for any string as a top level domain (TLD).

Under the proposal, if an application were successful, the applicant could then sell second level domains within their TLD.  

For example, if the following three TLDs were successfully registered:  .bank, .sydney and .melbourne the Commonwealth Bank would need to register commbank.bank, comm-bank.sydney, commonwealthbank.melbourne, and other variations to combat phishing scams. 

Steve DelBianco, executive director of NetChoice, warned Australian banks to be watchful of proposals to be discussed in Sydney at ICANN35 later this month: "ICANN is in danger of making it even harder to protect banking customers and online consumers from fraud and cyber crime.  If Australian banks aren't engaged in ICANN policymaking, they could be in for some rude surprises."

"With 500 TLDs and numerous permutations of domain names, defensive registrations are like fighting a perpetual arms race against criminals targeting their customers," he explained.

ICANN will discuss the proposal at ICANN35 in Sydney running from 21-26 June.

Possible solutions to be debated at the forum include restricting new TLD operators from selling second level domains to anyone but the brand owner - meaning the owner of .bank could only sell commbank.bank or commonwealth.bank to the Commonwealth Bank.  Moreover, the Commonwealth Bank could decline to buy the new domains and they would still be off-limits to others.