More Information
- Hey, TYPE-YOUR-CREDIT-CARD-NUMBER-HERE.COM is available for registration!
- Rules for .hk Domain and Sub-domains
- FAQ: New Registration of Domain Name
- FAQ: Second-Level '.hk' domain name
Phishers often use domain names that are similar to a well-known bank’s name, so F-Secure decided to look into the number of domains that mimic banks. Mikko Hyppönen reports that the number is, “Well, lots.”
Mikko asks, “When someone in, say, Nigeria wants to register a domain name that starts with the name of a well known bank, why are the registrars so willing to let them register it?”
Some registrars do have reasonable rules, for example, the Hong Kong Domain Name Registration Company Limited (HKDNR) restricts third level domain names:
- .idv.hk for individuals of age 11 or above with HKID card
- .com.hk for commercial entities with valid business registrations
- .net.hk for network service providers with PNET licenses
- .org.hk for non-profit making organizations
- .edu.hk for tertiary institutions and schools
- .gov.hk for government entities
So, whatever domain names are issued within these, the user has some assurance that there is an identifiable entity in Hong Kong to hold responsible. However, HKDNR’s policy for second-level domain names (.hk) is that no documentary proof is required in general (though applications for domain name consisting of or containing a reference to words like 'bank', 'insurance' or 'assurance' will require additional documents issued by relevant authorities). Is this sufficient? Some banks do not use the work “bank” in their name (the HSBC is an obvious, local example), so possibilities for deception still exist.