The domain suffixes of hundreds of Dutch government websites, including DigiD.nl and Duo.nl, will be changed in an effort to prevent fraud, junior home affairs minister Alexandra van Huffelen has said, following calls from cyber experts.
Like millions of Dutch websites, important and frequently visited government sites still end in .nl making it easy for fraudsters to create fake versions. By changing just one letter in the name and using the official government fonts, it is easy for criminals to trick people into providing valuable data.
Reports of fraud related to government sites have been increasing. The tax office alone received over 150,000 reports of phishing mails and fake web pages in 2020, four times as many as the year before.
According to cyber experts the government should change their site suffixes to .overheid.nl or .gov.nl, extensions which can only be registered by government bodies.
“It is unrealistic to expect that everyone recognises attempts at phishing,” VVD MP Queeny Rajkowski, who wants the change to be implemented as soon as possible, told the AD. “If adapting the domain names can help then that is low hanging fruit and we should do something about it”.
An earlier investigation into safer domain names on behalf of the home office from 2019 found that the look of the 1,800 government sites differs too much in style, and that a uniform suffix would be desirable.
Apart from a new suffix, login methods for government sites also have to be uniform, experts said.
Van Huffelen is expected to announce the new suffix by the end of the year.