[ by Melanie Gretchen ]

Financial-services companies paid an estimated $2.5 billion last year new, exclusive Internet addresses in an effort to crack down on cybercrime in an effort to crack down on cybercrime, one analyst said.  For at least $3.3 million, or $185,000 per address, Internet Corp. for Assigned Names and Numbers (Icann), fiirms have secured domain extensions, the letters that appear at the end of a website address, such as dot-com or dot-gov, to help their online customers know they are actually dealing with the bank and not a scam website trying to pilfer personal information.

Companies buying up addresses include:

• American Express Co.
• Capital One Financial Corp.
• JPMorgan Chase & Co.
• Barclays PLC
• Bank of America Corp.
• Citigroup Inc.

The Price to Pay? In 2011, the financial-services industry accounted for nearly half of all "phishing" attacks – attempts to steal customers' personal data like credit card information, email addresses and passwords – according to the Anti-Phishing Working Group, a corporate group that addresses cybercrime issues.  In addition to phishing, the industry is responsible for half of all online fraud, according to MarkMonitor Inc., a brand protection firm.

How Phishing Works. Hackers can buy domain names at registrars like Go Daddy Group Inc. that alter a letter or two in a company's brand name and trick consumers by sending them e-mails dressed up with Bank of America's logo, said Jeff Ernst, an analyst at Forrester Research who has advised companies on how to manage the new addresses.  New addresses, on the other hand, new addresses, which may appear online as early as this year, will include extensions like dot-citi, dot-bofa and dot-barclays, which criminals won't be able to register.

"For customers to be duped, someone must be convinced that they're Barclays.  It's far more difficult to pose as Barclays if they can't be part of the ecosystem that we've created." -- James Greenwood, digital- and mobile-channel platform architect for Barclays.

The Potential of Icann. The nonprofit organization has fielded requests for domain addresses from companies, entrepreneurs, cities and others vying for their own space in the Internet landscape.  Right now, only 22 such domains currently exist, but that number could rise by more than 1,000 by the end of 2013.

C-I Note: One man's loss is another man's gain – millions, to be exact.  If banks had taken care of this before, would they be spared a potentially colossal expense?  Is there a less costly way for banks to secure their sites, and does Icann have a duty to charge less for what would benefit millions of people?  If the registration of 22 domains has cost banks $2.5 billion, could 1,000 domains amount to $10 billion?  That's a nice paycheck.

For further details, go to [WSJ, 8/17/12].