The Sydney Morning Herald (SMH) covered some news about an error that was caused by using an incorrect domain name in an email address. The error involved the Commonwealth Bank of Australia (CBA). Here’s what happened, according to SMH:
“The bank on Friday said it had conducted an information security investigation, after it emerged that last financial year staff had inadvertently sent 651 internal emails to email addresses with the domain name cba.com, rather than the bank’s actual domain name of cba.com.au.”
Incidentally, something very similar recently happened to a different bank in Australia when “customer information was sent in error to an nab.com address rather than an email address on the nab.com.au domain,” reported ZDNet in January of 2017.
A little less than a year ago, I wrote an article about how email is the domain name X factor. Many companies still don’t think domain names are super important. They may feel their money is better spent on branding or building products/services rather than buying an expensive exact match domain name. Companies that think this way may opt for a less expensive ccTLD or cutesy domain name like “GetX” or “UseX” instead of the exact match .com name. Clients, vendors, prospects, and apparently even internal marketing teams may be confused or forgetful and use the brand match .com domain name instead. If the email snafu involves private information or data being shared with unauthorized parties, that can be a big problem if the company doesn’t control that other domain name.
This is another example of why companies, especially those who retain private consumer data, should practically do whatever it takes to get the brand matching .com domain name for their business.
As you may recall, I wrote about the CBA.com domain name a couple of years ago. The SMH article also discussed the acquisition of the domain name, but I found one aspect of the article to be a bit confusing:
“The bank said that in 2016-17, cba.com was owned by a United States cyber security company, and before that, it was owed by a US financial services company called Cheslock Bakker & Associates.”
A Screenshots.com entry from May of 2016 shows that the domain name was parked with PPC advertising links in 2016. Using the Whois History tool at DomainTools, I was able to see the CBA.com domain name was parked using Parking Crew name servers in 2016 (Parking Crew is a domain name parking / monetization company). Although the domain name was registered under privacy, I do not believe the registrant of the domain name was a cybersecurity firm as reported, but rather a domain investment company. I was able to confirm this with Mike Robertson, the person who acquired the domain name in the bankruptcy auction on behalf of his client.
I think the case of CBA.com illustrates how problematic it can be for a big firm to not own the exact match .com domain name. I have heard many people downplay concerns about confusing domain names because they believe customers and prospects will find their website via Google or social networking tools. They also need to understand the role of email and how a confusing domain name can be problematic.
Weirdly, since it has not expired, CBA.com is currently in a pre-release auction at NJ: http://www.namejet.com/Pages/Auctions/BackorderDetails.aspx?domainname=cba.com&cat=
Yes Andrea I just noticed that too.
The SMH article states:
CBA bought the domain name cba.com in April last year to deal with the issue, and from January 2017 it started blocking any internal emails addressed to the domain cba.com.
Typing cba.com redirects to commbank.com.au which is the correct domain for the Commonwealth Bank, so they would appear to now own it.
cba.com.au also redirects to commbank.com.au and so does commbank.com. And so does nic.cba.
ICANN whois says cba.com is regged at ascio.com which is in turn regged at CSC Corporate Domains. And so is commbank.com, so there is a common ownership link.
So on NameJet, cba.com is in PreRelease with over 100 bidders, 16 days to go and a max bid of $32,001.
The Commonwealth is Australias largest bank and makes an annual profit around USD 6 billion. There is no way they would be letting this domain go.
The cba.com ICANN whois also states: Registrar Expiration Date: 2019-05-17
.com is becoming more popular in Australia so it makes sense for companies to have both otherwise there will be confusion. The situation may get more extreme if auDA ever launches .au which will add a lot of customer confusion into the namespace.
The pre-release auction of cba.com at NameJet was finally removed today. Strange that it was there in the first place.