F-Secure has called on Internet Corporation for Assigned Names and Numbers (ICANN) - the organisation responsible for the global coordination of the Web's system of unique identifiers - to introduce the .safe domain.
Mikko Hyppönen, chief research officer at F-Secure, says: "Banks need to take on some of the responsibility for protecting their customers and using a secure domain name such as .safe will give customers the reassurance they need when banking online."
Hyppönen says customers have no good way of automatically being able to tell whether or not a bank Web site belongs to the bank. He says the introduction of a .safe domain would provide online customers the reassurance they need that banking via the Internet is safe.
The availability of a .safe or .sure domain would also enable security providers to create better software and products, he says.
"If .safe or .sure is locked down, then security companies would have a much better set of assumptions to start with when filtering e-mail and Web traffic," adds Hyppönen. "Security providers would then be able to build a better security product and users would feel safe online."
Last year IT security association CUISPA reported one of the largest bulk registrations of credit union-like domains ever seen after online typosquatters began targeting US credit unions.
Typosquatters register domain names containing trademarked terms or misspelled words that closely resemble legitimate Web sites in a bid to direct traffic to their own sites.
----------------------------
How about .secure?
.Sure just sounds silly....but that is my 2 cents.
This sound like a good idea, but it isn't going to solve the phishing problem altogether. Tons of phishing e-mails contain links which are totally free of words related to the bank/target. Most of the time, these are hacked sites which are hosting phishing kits.
HSBC Phish = http://sensationaltrainingclub.com/dog/im/lan
Thus proofing that public security education is still needed in this area.
No comments:
Post a Comment