The Sydney Morning Herald (SMH) covered some news about an error that was caused by using an incorrect domain name in an email address. The error involved the Commonwealth Bank of Australia (CBA). Here’s what happened, according to SMH:
“The bank on Friday said it had conducted an information security investigation, after it emerged that last financial year staff had inadvertently sent 651 internal emails to email addresses with the domain name cba.com, rather than the bank’s actual domain name of cba.com.au.”
Incidentally, something very similar recently happened to a different bank in Australia when “customer information was sent in error to an nab.com address rather than an email address on the nab.com.au domain,” reported ZDNet in January of 2017.
A little less than a year ago, I wrote an article about how email is the domain name X factor. Many companies still don’t think domain names are super important. They may feel their money is better spent on branding or building products/services rather than buying an expensive exact match domain name. Companies that think this way may opt for a less expensive ccTLD or cutesy domain name like “GetX” or “UseX” instead of the exact match .com name. Clients, vendors, prospects, and apparently even internal marketing teams may be confused or forgetful and use the brand match .com domain name instead. If the email snafu involves private information or data being shared with unauthorized parties, that can be a big problem if the company doesn’t control that other domain name.
This is another example of why companies, especially those who retain private consumer data, should practically do whatever it takes to get the brand matching .com domain name for their business.
As you may recall, I wrote about the CBA.com domain name a couple of years ago. The SMH article also discussed the acquisition of the domain name, but I found one aspect of the article to be a bit confusing:
“The bank said that in 2016-17, cba.com was owned by a United States cyber security company, and before that, it was owed by a US financial services company called Cheslock Bakker & Associates.”
A Screenshots.com entry from May of 2016 shows that the domain name was parked with PPC advertising links in 2016. Using the Whois History tool at DomainTools, I was able to see the CBA.com domain name was parked using Parking Crew name servers in 2016 (Parking Crew is a domain name parking / monetization company). Although the domain name was registered under privacy, I do not believe the registrant of the domain name was a cybersecurity firm as reported, but rather a domain investment company. I was able to confirm this with Mike Robertson, the person who acquired the domain name in the bankruptcy auction on behalf of his client.
I think the case of CBA.com illustrates how problematic it can be for a big firm to not own the exact match .com domain name. I have heard many people downplay concerns about confusing domain names because they believe customers and prospects will find their website via Google or social networking tools. They also need to understand the role of email and how a confusing domain name can be problematic.