Close
  • About
  • IT Solutions
  • Industries
  • Cybersecurity
  • Resources
  • News
  • Careers
  • Refer Us
  • Payment Portal
  • Home
Get Support
Linkedin
Facebook-square
Twitter

ECS + MyIT Logo
  • About
  • IT Solutions
      Outsourced IT icon

      Outsourced IT

      Hybrid IT icon

      Hybrid/Co-IT

      Phones icon

      VOIP Phones

      Cloud icon

      Cloud & Network Equipment

      Consulting & Strategy

      Audits & Assessments

  • Industries
      heartbeat icon

      Compliance

      Auto dealership icon

      Auto Dealerships

      Professional IT Services hand icon

      Professional Services

      SMBs icon

      Small Businesses

      Government building icon

      Government

      Education icon

      Education

      Construction icon

      Construction

      Non-Profit organization icon

      Non-Profit

  • Cybersecurity
  • Resources
Contact Us
ECS + MyIT Logo
  • About
  • IT Solutions
      Outsourced IT icon

      Outsourced IT

      Hybrid IT icon

      Hybrid/Co-IT

      Phones icon

      VOIP Phones

      Cloud icon

      Cloud & Network Equipment

      Consulting & Strategy

      Audits & Assessments

  • Industries
      heartbeat icon

      Compliance

      Auto dealership icon

      Auto Dealerships

      Professional IT Services hand icon

      Professional Services

      SMBs icon

      Small Businesses

      Government building icon

      Government

      Education icon

      Education

      Construction icon

      Construction

      Non-Profit organization icon

      Non-Profit

  • Cybersecurity
  • Resources
Contact Us
Cybersecurity  ·  Industry-Specific Technologies

Are Top-Level Domains (TLDs) like .Law & .CPA More Secure?

By Holly Lawrence 

A friend who is the marketing director for a New Orleans-based accounting firm asked my thoughts on the new hot topic in the CPA community – the launch of the .CPA domain suffix. Top-level domains like .law, .bank, and .car provide organizations new domain opportunities that may be more relevant and easier to brand because it is difficult to obtain one of the original domain suffixes (.com, .org, .net, .edu, .gov, & .mil).

Additionally, industry-specific domains allow organizations to easily state their primary topic and use their exact name without worrying about being confused with similarly named companies in different markets. For example, an accounting firm named Johnson & Miller [a fictional company] may have to settle for www.johnmill.com or www.johnson-miller-cpa.com because another Johnson & Miller exists in a different industry like law or architecture.

My friend and I discussed the impact it could have on an accounting firm’s brand image, web rankings, and email addresses. He specifically reached out to me asking if .cpa would be more or less secure from a cybersecurity perspective. The promoters of this new top-level domain (TDL for short) state the .cpa domain is more secure because this new domain requires vetting and cybercriminals cannot purchase a fake .cpa domain and spoof a legitimate accounting firm to phish the firm’s employees and clients.

Let’s first define spoofing and phishing to make sure we’re on the same page.

  • Spoofing – a cybercriminal pretends to be someone they are not by impersonating a domain (also known as typosquatting). For example, a hacker may use domain impersonation and purchase Mlcrosoft.com or D!sney.com to spoof those legitimate organizations.
  • Phishing – a tactic a cybercriminal uses to lure information from the target or get them to do an action, like clicking a link, which can lead to downloading a virus or providing login information on a spoofed login page.

Back to the root question – is that true a .cpa will reduce spoofing & phishing attempts? Yes, but… The fact that the .cpa domain requires vetting does drastically limit a hacker’s ability to obtain a similar email to spoof. But other, similar top-level domains can still fool targets including .cab (typosquatting), .accountant, .finance, .money, and even .partners, which may not be vetted like .cpa. (Full list of top-level domains.)

Secondly, the security of top-level domains requires educating the general public of the domain’s usage and credibility. Most web users default to the original domains like .com, .org, and .gov and everything else looks odd, or, at the very least, appears like a new company. For decades, marketers have noted driving traffic to different websites because they’re promoting a .net domain and the potential buyer goes to the .com website by mistake. The .net domain has been around for decades already, so an industry-specific domain will probably have a similar fate.

If CPA firms want the cybersecurity benefit of using a top-level domain, they must inform their employees, clients, vendors, and prospective buyers that is the official firm domain. Retraining the general public to accept and look for top-level domains will likely take generations.

Do I recommend your firm getting an industry-specific top-level domain? Yes, I do, especially if it helps you rebrand your domain to something more specific to your name. If your company does not have a branding benefit to the industry-specific domain, I would redirect the web traffic and emails and not make it my primary domain.

Do I think an industry-specific top-level domain is more secure? No.


AICPA Discussion about Cybersecurity of .CPA
Previous Article
What to Do When Your Medical Information Has Been Hacked
Next Article
  • Categories

    • Blog
    • Business & Technology
    • Cloud Technology
    • Cybersecurity
    • DR & Data Protection
    • Industry-Specific Technologies
    • IT Compliance
    • News and Events


Explore

About Us
IT Solutions
Industries
Get Help
Contact

Disclaimer

Privacy Policy
Terms of Use
Master Client Agreement

Locations

New Orleans
6620 Riverside Drive, Suite 200
Metairie, LA 70003
504-888-6948

Shreveport
347 W. Bert Kouns Industrial Loop
Shreveport, LA 71106
318-219-3427

ECS + MyIT Logo
Linkedin
Facebook-square
Twitter
© 2020 My IT. All Rights Reserved.
  • About
  • IT Solutions
    ▼
    • Outsourced IT
    • Hybrid/Co-IT
    • VOIP Phones
    • Cloud & Network Equipment
  • Industries
    ▼
    • Compliance
    • Auto Dealerships
    • Professional Services
    • Small Businesses
    • Government
    • Education
    • Construction
    • Non-Profit
  • Cybersecurity
  • Resources
  • Contact Us
  • Get Support
  • News
  • Careers
  • Payment Portal