The Board of the Internet Corporation for Assigned Names and Numbers (ICANN) recently revealed the list of more than 1,930 proposals for the expansion of new Top-Level Domains (TLDs) in what could be described as the most dramatic change to the Internet in four decades.
There’s a real concern that cybercriminals could seek these new top level domains announced recently to create legitimate looking websites using well-known brand names. It will be increasingly difficult for consumers to instinctively know what may be an illegitimate site carrying potential threats.
These sites can then be used for phishing attacks or delivery of malware to unsuspecting visitors. For example – imagine you received emails from “yourbank.bank.” You might tend to trust these emails, but in the beginning at least, you wouldn’t necessarily be sure if they came from the institution in which you have accounts. ICANN will need to strictly enforce its policies and stringent evaluation procedures for generic top level domains so that the bad guys don’t get their hands on them.
Also these domain name policies have important ramifications for how legitimate companies could avoid having their reputation damaged through an .xxx registration, for instance. The high price of the entrance fee to apply for a TLD should be a deterrent to cybercriminals, but businesses need to do two things in preparation for the introduction of these new domains. Firstly, they need to ensure that their brand is protected by pre-registering their company name and trademarks under the new top-level domains and secure the rights to these. Secondly, take precautions so that employees at work and at home aren’t accidently accessing bogus sites by ensuring they protect access to these malicious sites in real time.