The Growing Threat of Cybersquatting in the Banking and Finance Sector

The apparent cyber heist of $81 million from the Bangladesh central bank's U.S. account may cause some people to question the security of online banking. While the online theft prompted SWIFT -- a cooperative owned by 3,000 financial institutions around the world -- to make sure banks are following recommended security practices, the incident also could have ramifications for banking customers worldwide. Indeed, the Bangladesh online banking break-in comes just as the World Intellectual Property Organization (WIPO) identified the banking and finance industry as the second-most-popular sector to file cybersquatting complaints in 2015. Nine percent of all domain name disputes at WIPO last year were filed by bank and finance owners, second only to the fashion industry.

WIPO identified the following banking and finance entities as among the most active pursuers of cybersquatters: Banco Bradesco, Bank of Scotland, Bloomberg Finance, Comerica Bank, Intesa Sanpaolo, Lloyds, Saxo Bank and Sydbank.

At the Forum, the second most-active provider of domain name dispute services, the list of banks that filed domain name disputes in 2015 is more U.S.-centric, including complaints by American Express, Bank of America, Barclays, Discover Financial Services, OneWest Bank, Regions, TD Bank and Wells Fargo.

Using UDRP and URS to Fight Cybersquatters

While most of these cases were filed under the Uniform Domain Name Dispute Resolution Policy (UDRP), companies from the banking and financial services industries also are taking advantage of the new Uniform Rapid Suspension System (URS) to tackle registrations in the new generic top-level domains (gTLDs), such as .club, .guru, .services, .top, .wiki and .xyz. Morgan Stanley, Principal Financial Services and PayPal have all used the URS to their advantage.

In many cases, the domain name disputes initiated by banks involve phishing scams, that is, where the cybersquatter tries to trick a customer into providing his or her account information. For example:

  • In one Wells Fargo case, involving the domain name <welilsfargo.com>, the UDRP panelist found that the registrant of the domain name was "seeking to deceive Internet users by providing a web site containing a near identical copy of [Wells Fargo's] web site and seeking to fraudulently obtain personal information from Internet users through a phishing scam."
  • Similarly, in a UDRP case for <lloydsprivatecommercialfinance.com>, Lloyds Bank said that "[t]he disputed domain name is used to host a website appearing to offer financial services, but there is no proof there of any delivery of such services, nor any mention of any official authorization, as would be mandatory. The Respondent appears intent on making unjustified profits or defrauding consumers to reveal personal or proprietary information."

Phishing, Crimeware and Education

These banking-related cybersquatting cases are consistent with an overall increase in phishing scams: The non-profit Anti-Phishing Working Group (APWG) reported that the financial services industry was the second-most-targeted industry sector in the fourth quarter of 2015 (behind only the retail/service sector). The APWG also notes that access to financial-based websites is the most common target for "crimeware" attacks, which it defines as "data-stealing malicious code designed specifically to be used to victimize financial institutions' customers and to co-opt those institutions' identities."

Although online banking is now commonplace, some customers continue to fall for scams. Indeed, the Federal Trade Commission warns consumers that they should never click on links in email messages requesting financial information. And individual banks send similar messages. For example, Bank of America cautions its customers about the common "phony email ask[ing] you to go to a website that looks like a Bank of America site, but is actually a site the criminal has set up asking you to provide your personal account information."

Despite these warnings, phishing and crimeware attacks targeting the banking and finance sector are not likely to disappear anytime soon, as the reports from WIPO and the APWG make clear. While banks and financial service providers should continue to educate customers, the UDRP and URS remain important -- and very effective -- tools for tackling cybersquatters and ensuring that online banking remains safe.