.BANK – Turnkey solution to mitigate social engineering and reputational risks associated with Banks’ email phishing and spoofing

Published by Digital Brand Consultant on



First of all, to those of you who aren’t aware, phishing is the #1 cyber-attack and the starting point of multiple domain infringement this is because in 2016 phishing and domain infringement hit an all-time record with nearly 1 million confirmed malicious phishing sites hosted on more than 170,000 unique domains.

As a verified domain created and launched by ICANN in 2015, .BANK was created exclusively for the banking community. This is because .BANK provides a more secure and reliable space for online banking and communication flow between client and customer. Therefore, a web or email address ending with .BANK could easily serve as an identification to customers and employee that they are communicating and transacting with their desired bank, and not a phisher or spoofed site.

A .BANK domain will serve as a visual cue that people can look for, besides that it also acts as an online stamp of trust that will instill a sense of confidence to your customer when engaging on your online banking platform. Thus .BANK in away will help to protect your bank from bad actors collecting data for breaches, financial fraud and identity theft.



Secondly, .BANK is a top-level domain extension and it is use specifically for the banking community, thus making it a premium domain extension and only eligible to those whom meets its requirements. Due to this, only verified members of the global banking community are eligible to register .BANK. 

The .BANK TLD uses the following enhanced security requirements:

  1. State, regional and provincial banks that are chartered and supervised by a government regulatory authority;
  2. Savings associations that are chartered and supervised by a government regulatory authority;
  3. National banks that are chartered and supervised by a government regulatory authority;
  4. Associations whose members are primarily comprised of entities identified above in 1, 2 or 3;
  5. Groups of associations whose members are primarily comprised of associations identified above in 4;
  6. Service providers that are principally owned by or predominantly supporting regulated entities identified above in 1, 2 or 3 (if approved by the fTLD Board); and
  7. Government regulators of chartered and supervised banks, savings associations or organizations whose members are primarily comprised of such government regulators (if approved by the fTLD Board).



Eligibility No Restriction Restricted to verified banks only
Naming Allocation No Restriction, Leading to spoofing and phishing Must correspond to Bank’s existing rights
Encryption Optional Required
Domain Name System Security Extensions Optional Required
Email Authentication Optional Required
Multi-Factor Authentication Optional Required
Short, Intuitive Name Availability Very expensive on the aftermarket Shorter, more relevant branding
Branding Association No Restriction, free for all, full of bad actors Recognized as a vetted trustworthy websites

Source: https://www.icba.org/docs/default-source/icba/advocacy-documents/dot-bank-white-paper.pdf .Bank, A Business Case White Paper (Dalpiaz, 2017). 



Realize today’s vision and be the first to register for .BANK, because the benefits of owning a .BANK domain name are ever growing and the security that comes with it is impeccable. Even if purchasing .BANK domain name with the means of redirecting traffic to your .COM website you are still able to build equity among the search engines while your .BANK gains momentum and recognition.

Acting as the corporate domain management division of Web Commerce Communications Limited (WEBCC), with over 18 years of experience in providing global Internet services and manages over 1,000,000 domain names all around the world, Reg.Asia is proud to be trusted by many Top brands in Southeast Asia to deliver the highest form of performance and reliability.