Josh Bourne ⬥ 14 October
According to a recent article in Web Host Industry Review, the Swedish Bankers’ Association lobbied the Swedish Post and Telecom Agency (Post och Televerksstyrelsen) to prevent Internet users from registering domain names containing the word “bank” in the .SE ccTLD. The goal of the initiative was to allow only legitimate banks to register domains containing this term, which would cut down on fraud and illegal phishing attempts. According to this theory, consumers would know to trust only domains containing the word “bank” with their financial and account information, because only authorized banks will be able to own those domains.
The problem is that banning the term “bank,” or censoring the content of domain names in any way, simply will not work to prevent fraud. In fact, the initiative may backfire.
Phishing and other scams will still be able to easily take advantage of Internet users through the use of tactics such as spoofing emails from domain names, whether or not they contain words such as “bank.” At the same time, because of the initiative, people may be less diligent about keeping an eye out for potential scams—customers will be operating under the assumption that any correspondence or interaction with a domain name containing “bank” is safe. Cybercriminals are always adapting to new obstacles in the domain name space and it is overly simplistic to think this measure will protect Internet users’ financial information.