Cyber squatters ‘could cash in’ on domain rule change

The co-chair of the ATO’s Cyber Security Stewardship Group, Michael Croker of CA ANZ, said cyber criminals would see an opportunity to register versions of existing domains using the new suffix, with huge potential downsides for businesses.

“The brand recognition generated from websites is enormous,” he said. “Your clients have come to trust communications you send them and you don’t want cyber squatters mucking your marketing strategy about.”

The ACSC recommends that all Australian businesses with existing domain names register their “.au” equivalents before 20 September 2022.

“If a business does not reserve their .au equivalent direct domain name during this six-month period, that name will become available to the public on a first come, first served basis,” it said.

Mr Croker said most accounting firms had a website with “.com.au” ending and although they could continue to use that, it was critical to stay ahead of digital criminals.

“Register for the new category of domain name and use the transition time to market the subtle but important name change to .au,” he said.

“They’ve got a transition period where they can get ahead of anyone else and register their abbreviated domain name - and they should get cracking.

“Small firms who don’t have an IT adviser or in-house capability should engage with this.”

The ACSC said more information and registration of a new name change was available at auda.org.au/au-domain-names:

• About .au Domain Names
• The .au Direct Launch
• The Priority Allocation Process