Banking has remained one of the most phished industries for more than a decade. Publicly available, unrestricted, and inexpensive domains (e.g., .com, .net) enable bad actors to easily obtain lookalike domains to execute business email compromise (BEC), phishing and spoofing attacks that lead to breaches, identity theft and financial fraud. Banks must move from these easily abused domains to limit their exposure to cyberattacks.
Now more than ever banks are looking to add digital products and services that help to acquire new customers and enhance existing relationships. Banks must ensure that customers can easily verify they’re interacting with their bank, not a phishing scam or spoofed website, before requesting they divulge additional personal and/or financial information online.
The .BANK domain, gated exclusively for banks, prevents lookalike domains making it easy for anyone to immediately identify bank emails and websites versus BEC, phishing and spoofing attacks. The .BANK “Stamp of Trust” creates verified online and email platforms that are prepared for digital banking products and services where banks provide actionable financial guidance, and customers share additional personal and/or financial information. Employees, vendors and customers simply “Look for the .BANK” to help prevent breaches, identity theft and financial fraud in day-to-day interactions and when engaged with new digital products and services.
What customers should know about .BANK: If your bank has moved to .BANK, it has prioritized and enhanced its cybersecurity against phishing and spoofing, the leading causes of breaches, identity theft and financial fraud. A .BANK domain is like ‘.gov’ and ‘.edu’, but for the banking sector. By looking for .BANK at the end of an email address or website URL you can confirm they are authentically from a bank helping protect you from cyberattacks that steal personal information or login credentials. Our ‘Pioneers’ badge recognizes the banks who have added this important layer of cybersecurity.