New Internet Domains will increase phishing attacks

Web 2.0 is on the path of liberation. Internet Corporation for Assigned Names and Numbers (ICANN) will roll out new top level domains (TLDs) to compete with the currently used .com, .net, .org. The frustrating unavailability of domain names is ending and an era of ideal domain for each and every business and individual is beginning with new extensions.

But looks like the 'liberated' web will see more phishing attacks because it will get increasingly difficult to tell between real and bogus sites, at least in the beginning. According to Help Net Security, cybercriminals could also seek these new domains to create legitimate looking websites using well-known brand names.

The most feared form of attack from cyber criminals with the Domain Name expansion will be phishing or delivery of Trojan malware to unsuspecting visitors. Help Net Security elaborates, For example - imagine you received an email from yourbank.bank. You might tend to trust those emails, but in the beginning at least, you wouldn't necessarily know if this came from the institution in which you have accounts.

While the bigger brands will be in a position to secure control of most of the top-level domains using their brand name, the mid-to-small level businesses may not have the resources to do so.

Help Net Security quoted Spencer Parker, Group Product Manager at Websense as saying: This is where the largest danger will lie. I can see for example, small regional banks with small IT departments being taken advantage of in this way. ICANN will need to strictly enforce its policies and stringent evaluation procedures for generic top level domains so that the bad guys don't get their hands on them.

Ensuring protection of your brand by preregistering your company name and trademarks under the new top-level domains, securing the rights and taking precautions so that people aren't accidently accessing bogus sites etc should be done against potential phishing attacks, advises Help Net Security.