As you may already be aware, from 24 March 2022, anyone with a local connection to Australia (including businesses, associations and individuals) have been able to register a new category of domain name.
These shorter simpler domain names will end in .au rather than .com.au, .net.au, .org.au, .gov.au or .edu.au.
All Australian businesses will have until 20 September to reserve their au equivalent domain name, then it becomes available to the general public.
This new category of domain name allows users to register shorter, more memorable online names; however, it also creates another avenue for cybercriminals to conduct fraudulent cyber activities.
Opportunistic cybercriminals could register your .au domain name in an attempt to impersonate your business.
For example, if you have currently registered yourbusiness.com.au, a cybercriminal could register yourbusiness.au or yourbusinesscom.au and use these domains to conduct fraudulent cyber activities.
How to protect yourself
To help protect your business from opportunistic cybercriminals, the Australian Cyber Security Centre (ACSC) recommends that all Australian businesses with existing domain names register their .au equivalents before 20 September 2022.
If a business does not reserve their .au equivalent direct domain before then, that name will become available to the public on a first come, first served basis.
Even if you don’t intend to use the domain to conduct business, reserving these addresses will prevent cybercriminals from having the opportunity to impersonate your business with look-alike domains.
If your business has an existing eligible .au domain name (such as .com.au and .net.au), you have until 20 September 2022 to indicate whether you to intend to apply for the exact match of your name in .au direct via the Priority Allocation Process.
If you do not apply for the exact match of a name it will become available to the general public. Your existing domain names will all continue to operate as normal.