The governments of most of the world’s countries have specialised domain extensions, for example, the UK has .gov.uk and the USA has .gov. This differentiates them from unofficial sites and acts as an instant, clear reassurance that visitors are on the relevant governmental website. In this way, they know that the information they read will be relevant and accurate, and any data they submit will go directly to where it is meant to be. It is now being argued that a special extension should be created for banks and building societies to provide the same reassurance for their customers.
This proposal has come from F-secure, which is a security company, in an attempt to fight phishing. This is a criminal activity that involves the fraudulent acquisition of the financial details of unsuspecting internet users. For example, a phisher (a perpetrator of phishing) may send out emails claiming to offer an extended credit limit, providing the recipient with a link to a form, where they can enter their current credit card details. The phisher can then use this information to use the victim’s credit card online – many millions of pounds are stolen in this way each year.
If a domain extension, also known as a TLD (top level domain), existed exclusively for banks – the recipient of the fraudulent email would be able to check the url of the virtual destination they have been sent to, upon finding that the url did not contain the appropriate TLD, they could simply close the window and mark the email as spam. Perhaps, more usefully, the user could forward the email to the fraud department of any related financial institution.
The organisation that decides whether this apparently good idea will become a reality is the Internet Corporation for Assigned Names and Numbers (ICANN). However, ICANN argue that the only way to limit access to a specific TLD is to price it beyond the means of phishers and this would be of detriment to smaller financial institutions.
