85 % of .CZ Domains Are Not Protected Against Fraud

Prague, 8 February 2011 – The cellar is full of water and the house owner is repairing the roof. Such behaviour is exhibited by most providers of online services, who are trying to maximise their safety but forget to protect the domains on which the services run. In this way, most of the largest service and content providers expose their users to the risk of falling victim to fraudulent websites that appear identical to real ones and where they unknowingly disclose their login data or become victims of manipulation. Using these methods, fraudsters may gain access to their e-mail, bank accounts, social network profiles or other sensitive data. For this reason, the CZ.NIC Association has launched a campaign to increase the security of Czech domains.

One tool that can be used to protect against forged web pages is the DNSSEC security technology. Currently, however, only 15% of .CZ domains, and just a handful of major internet connection providers in the Czech Republic, are secured with this technology.

“Securing .CZ domains has been possible since 2008. Even though the process is free of charge and requires minimum time and financial investment, for example, the percentage of internet banking sites in the .CZ domain protected against forgery and fraud is as low as 10%,” says Ondřej Filip, Executive Director of the CZ.NIC Association.

For this reason, the CZ.NIC Association has launched a campaign to increase awareness of the importance of domain security. A key part of the campaign is the website www.bezpecnedomeny.cz, where anyone can check the security level of their connection, as well as of any .CZ domain. After completing the test, users may sign a petition to spread the DNSSEC technology, provided by CZ.NIC to providers of online services such as banks, connection providers, state administration etc.

“In most cases, normal internet users have only two options for protecting themselves – using a connection that is secured by their ISP and making sure the domains of the services they use were secured by the providers of the service,” adds Pavel Tůma, Director of Marketing of the CZ.NIC Association. “Therefore, we explain to the users what the risks are and encourage them to raise their voice and show that they care about safety in using the internet.”

The campaign, which is meant to increase the awareness of DNSSEC and improve the safety of the Czech internet, was launched on 17 January with a viral phase, based on videos and photographs documenting the invented stories of doubles of four famous persons (Leoš Mareš, Sámmer Issa, Diana Kobzanová, and Michal Dvořák); these videos spread on the internet through YouTube, Stream.cz, social networks, community sites and discussion forums. These stories, seen by hundreds of thousands of people, are a clear parallel to the issue of fake domains that look identical to real ones.

Today, the official part of the campaign begins, during which the CZ.NIC association is launching the bezpecnedomeny.cz site, where videos explaining the campaign will be hosted. The site will also show the risks of unsecured domains in more detail and explain how to protect yourself.

About the DNSSEC technology

DNSSEC is an extension of the DNS system, which increases the security of domain names. The principle of DNS is the translation of human-friendly internet addresses, such as www.nic.cz or www.dobradomena.cz, into numerical addresses understood by computers, which can in turn provide services such as displaying web pages, sending e-mails, Internet telephony etc. DNSSEC increases security while using DNS through preventing forged, altered or incomplete domain name data. The CZ.NIC association, as the administrator of the .CZ and ENUM domain registries, implemented this security technology for the holders of these domains and for the users of the Czech internet in September 2008. More information can be found at www.dnssec.cz.