Search
00
GBAF Logo
trophy
Top StoriesInterviewsBusinessFinanceBankingTechnologyInvestingTradingVideosAwardsMagazinesHeadlinesTrends

Subscribe to our newsletter

Get the latest news and updates from our team.

Global Banking & Finance Review®

Global Banking & Finance Review® - Subscribe to our newsletter

Company

    GBAF Logo
    • About Us
    • Profile
    • Privacy & Cookie Policy
    • Terms of Use
    • Contact Us
    • Advertising
    • Submit Post
    • Latest News
    • Research Reports
    • Press Release
    • Awards▾
      • About the Awards
      • Awards TimeTable
      • Submit Nominations
      • Testimonials
      • Media Room
      • Award Winners
      • FAQ
    • Magazines▾
      • Global Banking & Finance Review Magazine Issue 79
      • Global Banking & Finance Review Magazine Issue 78
      • Global Banking & Finance Review Magazine Issue 77
      • Global Banking & Finance Review Magazine Issue 76
      • Global Banking & Finance Review Magazine Issue 75
      • Global Banking & Finance Review Magazine Issue 73
      • Global Banking & Finance Review Magazine Issue 71
      • Global Banking & Finance Review Magazine Issue 70
      • Global Banking & Finance Review Magazine Issue 69
      • Global Banking & Finance Review Magazine Issue 66
    Top StoriesInterviewsBusinessFinanceBankingTechnologyInvestingTradingVideosAwardsMagazinesHeadlinesTrends

    Global Banking & Finance Review® is a leading financial portal and online magazine offering News, Analysis, Opinion, Reviews, Interviews & Videos from the world of Banking, Finance, Business, Trading, Technology, Investing, Brokerage, Foreign Exchange, Tax & Legal, Islamic Finance, Asset & Wealth Management.
    Copyright © 2010-2026 GBAF Publications Ltd - All Rights Reserved. | Sitemap | Tags | Developed By eCorpIT

    Editorial & Advertiser disclosure

    Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

    Home > Technology > Why Banking & Financial Services Organizations Must Prioritize Domain Security
    Technology

    Why Banking & Financial Services Organizations Must Prioritize Domain Security

    Published by Jessica Weisman-Pitts

    Posted on February 17, 2023

    5 min read

    Last updated: February 2, 2026

    Visual representation highlighting the importance of domain security in banking and financial services. The image illustrates the threats posed by phishing, typosquatting, and domain spoofing, emphasizing the need for enhanced cybersecurity measures.
    Illustration of domain security challenges in banking and finance - Global Banking & Finance Review
    Why waste money on news and opinion when you can access them for free?

    Take advantage of our newsletter subscription and stay informed on the go!

    Subscribe

    Tags:cybersecurityfinancial servicesrisk managementtechnology

    By Richard Cahill, Regional Leader, CSC Digital Brand Services

    Banking and financial services industries are known for being at the forefront of cyber protection and innovation. Yet they are also among the most targeted by phishing attacks, social engineering, CEO fraud and business email compromise (BEC) due to the sheer number of clients and financial data they own. According to the Carnegie Endowment International Peace, cyber risks to banking and financial industries have grown in recent years and is becoming more frequent, sophisticated, and destructive. As cyber risks continue to increase, these institutions face greater challenges in quantifying them and addressing their capacity for harm.

    One area of cybersecurity that banking and financial industries continue to struggle with is domain security. Web domains are a crucial part of any businesses’ operations, supporting client facing websites, organizations email, client or supplier portals, and much more. But like anything else that’s critical to an organization, they are also a key piece of the external attack surface that companies need to protect. Whether it be typosquatting, lookalike domain attacks, or phishing/malware campaigns, bad actors will find ways to conduct cyberattacks and take advantage of these assets.

    Over the last three years, we have been reporting on the domain security posture of the Forbes Global 2000 companies annually. One of the key findings from this year’s 2022 Domain Security Report, captured in the chart below, was that Banking was the top industry being targeted with fake domain registrations, followed closely by Diversified Financial companies tied for the 5th spot.

    One of the key findings in this report is that out of all of the Global 2000 companies, over 75% of homoglyph domains are owned by third parties. And of those domains owned by third parties (not owned by the brand owner) that are online for malicious purposes, 14.6% of these domains are targeting the Banking and Diversified Financial companies alone – a high percentage given the number of industry classifications within the Global 2000.

    Additionally, the report provided domain security scores to showcase top companies or industries with domain security best practices and protocols deployed. Further analyses of the report’s data showed in the chart below that Banking and Financial Services industries ranked in the middle of all industries for deploying security measures that can prevent domain or DNS attacks from happening.

    Overall, from the report, we’re seeing some organizations becoming more secure, but there is still a portion of companies with considerable domain security risk. This year’s report reveals that 75 percent of the Global 2000 companies and their brands are being e maliciously registered as fake domains by third parties, as they fail to implement key domain security measures.

    Many governing bodies have begun to focus on domain security, including the UK National Cybersecurity Center, and the Central Digital and Data Office, which offers a list of best practices. Below are four key steps a bank or financial institution can take to safeguard their domains and brands from online abuse and fraud:

    • Adopt a defense-in-depth approach for domain management and security

    Eliminate third-party risk by assessing your domain registrar’s security, technology, and processes along with your company’s domain name system (DNS) management provider. Be sure to also identify and secure vital domain names, DNS, and digital certificates.

    • Continuously monitor the domain space and key digital channels

    Register domains that could be high-value targets related to your brands and make sure you identify domain and DNS spoofing tactics as well. It is also important to identify trademarks and copyright abuse on web content, online marketplaces, social media and apps.

    • Use global enforcement, including takedowns and internet blocking

    To reduce the risk to your organization, it is vital to use phishing monitoring and a fraud-blocking network of browsers, partners, ISPs, and security information and event management systems. We also recommend using a range of technical and legal approaches for enforcement including takedowns and worldwide fraud blocking networks to mitigate these online scam sites by having an enforcement provider ‘on standby.’

    • Confirm vendor business practices aren’t contributing to fraud and brand abuse

    The following issues are often common with consumer-grade domain registrars:

    • Operating domain marketplaces that drop catch, auction, and sell domain names containing trademarks to the highest bidder
    • Domain name spinning and advocating the registration of domain names containing trademarks
    • Monetizing domain names containing trademarks with pay-per-click sites

    The risk of a bank or financial institution not addressing their domain security can be catastrophic. Domains that are not protected pose a significant threat to cybersecurity posture, data protection, consumer safety, intellectual property, supply chains, revenue, and reputation. We can expect awareness of these issues to grow, and for cyber insurance providers to start holding clients accountable for the quality and rigor of their domain defense strategies and approaches.

    In today’s world, artificial intelligence (AI) will significantly increase cybercriminals’ skillsets when launching attacks so defense tools need to be as smart as the technologies used by bad actors. With innovations such as ChatGPT, the best course of action to protect banks and financial institutions is to continue to elevate the awareness of these threats and share best practices, so that organizations can improve their domain security posture and safeguard their domains and brands from online abuse and fraud.

    Frequently Asked Questions about Why Banking & Financial Services Organizations Must Prioritize Domain Security

    1What is phishing?

    Phishing is a cyberattack method where attackers impersonate legitimate organizations to trick individuals into revealing sensitive information, such as passwords or credit card numbers.

    2What is business email compromise (BEC)?

    Business email compromise (BEC) is a type of cybercrime where attackers gain access to a business email account and use it to conduct fraudulent activities, often leading to financial losses.

    3What is social engineering?

    Social engineering is a manipulation technique that exploits human psychology to gain confidential information, often used in cyberattacks to trick individuals into breaking security protocols.

    4What is a cyber risk?

    A cyber risk is the potential for loss or harm related to technical infrastructure or the use of technology within an organization, often due to cyberattacks or data breaches.

    More from Technology

    Explore more articles in the Technology category

    Image for Debtist: Digital Debt Collection for Modern Businesses
    Debtist: Digital Debt Collection for Modern Businesses
    Image for Infosecurity Europe launches new Cyber Startup Programme to champion the next generation of cybersecurity innovators
    Infosecurity Europe launches new Cyber Startup Programme to champion the next generation of cybersecurity innovators
    Image for BLOXX Launches ĀRIKI BLOXX at Web Summit Qatar
    BLOXX Launches ĀRIKI BLOXX at Web Summit Qatar
    Image for Engineering Trust in the Age of Data: A Blueprint for Global Resilience
    Engineering Trust in the Age of Data: A Blueprint for Global Resilience
    Image for Over half of organisations predict their OT environments will be targeted by cyber attacks
    Over half of organisations predict their OT environments will be targeted by cyber attacks
    Image for Engineering Financial Innovation in Renewable Energy and Climate Technology
    Engineering Financial Innovation in Renewable Energy and Climate Technology
    Image for Industry 4.0 in 2025: Trends Shaping the New Industrial Reality
    Industry 4.0 in 2025: Trends Shaping the New Industrial Reality
    Image for Engineering Tomorrow’s Cities: On a Mission to Build Smarter, Safer, and Greener Mobility
    Engineering Tomorrow’s Cities: On a Mission to Build Smarter, Safer, and Greener Mobility
    Image for In Conversation with Faiz Khan: Architecting Enterprise Solutions at Scale
    In Conversation with Faiz Khan: Architecting Enterprise Solutions at Scale
    Image for Ballerine Launches Trusted Agentic Commerce Governance Platform
    Ballerine Launches Trusted Agentic Commerce Governance Platform
    Image for Maximising Corporate Visibility in a Digitally Driven Investment Landscape
    Maximising Corporate Visibility in a Digitally Driven Investment Landscape
    Image for The Digital Transformation of Small Business Lending: How Technology is Reshaping Credit Access
    The Digital Transformation of Small Business Lending: How Technology is Reshaping Credit Access
    View All Technology Posts
    Previous Technology PostVenom Foundation and Hub71 Partner to Accelerate Growth and Adoption of Blockchain Technologies from Abu Dhabi
    Next Technology PostExclusive-Microsoft’s Bing plans AI ads in early pitch to advertisers