Decision for dispute CAC-UDRP-103164

The Panel is not aware of any other proceedings related to the disputed domain name.

The Complainant (Intesa Sanpaolo S.p.A.) is the owner of the (i) International trademark registration n. 793367 “INTESA”, granted on September 4, 2002 and duly renewed, in connection with class 36; (ii) EU trademark registration n. 12247979 “INTESA”, filed on October 23, 2013 and granted on March 5, 2014, in connection with classes 9, 16, 35, 36 38, 41 and 42 (iii) International trademark registration n. 1032908 “BANCA INTESA”, applied on December 18, 2009, in classes 9, 16, 35, 36, 41, 42 and 45. Moreover, the Complainant is also the owner of the several domain names bearing the signs “INTESA” and “BANCA INTESA” including <intesa.com>, <intesa.info>, <intesa.biz>, <intesa.org>, <bancaintesa.it> and many others.

The disputed domain name <intesabancaonline.com> was registered on March 31, 2020.

FACTS ASSERTED BY THE COMPLAINANT AND NOT CONTESTED BY THE RESPONDENT:

THE DOMAIN NAME IS IDENTICAL OR CONFUSINGLY SIMILAR TO A TRADEMARK OR SERVICE MARK IN WHICH THE COMPLAINANT HAS RIGHTS

The Complainant is the company resulting from the merger (effective as of January 1, 2007) between Banca Intesa S.p.A. and Sanpaolo IMI S.p.A., two of the top Italian banking groups. The Complainant is the leading Italian banking group and among the top banking groups in the euro zone, with a market capitalisation exceeding 29,8 billion euro, and the undisputed leader in Italy, in all business areas. The Complainant has a network of approximately 3,700 throughout the Italy, with market shares of more than 15% in most Italian regions and offers its services to approximately 11.8 million customers. The Complainant has a strong presence in Central-Eastern Europe with a network of approximately 1,000 branches and over 7,2 million customers. Moreover, the international network specialised in supporting corporate customers is present in 25 countries.

The Complainant is the owner, among others, of the registrations for the trademarks “INTESA” and “BANCA INTESA” – International trademark registration n. 793367 “INTESA”, EU trademark registration n. 12247979 “INTESA” and International trademark registration n. 1032908 “BANCA INTESA. Moreover, the Complainant is also the owner, among the others, of the several domain names bearing the signs “INTESA” and “BANCA INTESA”.

It is more than obvious that the disputed domain name is identical, or at least confusingly similar, to the Complainant’s trademarks. As a matter of fact, the disputed domain name exactly reproduces the well-known trademark “BANCA INTESA”, with the mere inversion of the terms “BANCA” and “INTESA” and the addition of the word “ONLINE”.

THE RESPONDENT HAS NO RIGHTS OR LEGITIMATE INTERESTS IN RESPECT OF THE DOMAIN NAME

The Respondent has no rights on the disputed domain name, and any use of the trademarks “INTESA” and “BANCA INTESA” has to be authorized by the Complainant. Nobody has been authorized or licensed by the Complainant to use the domain name at issue. The domain name at stake does not correspond to the name of the Respondent and, to the best of Complainant’s knowledge, the Respondent is not commonly known as “INTESABANCAONLINE”. Lastly, the Complainant did not find any fair or non-commercial uses of the disputed domain name.

THE DOMAIN NAME WAS REGISTERED AND IS USED IN BAD FAITH

The disputed domain name was registered and is used in bad faith. The Complainant’s trademarks “INTESA” and “BANCA INTESA” are distinctive and well known all around the world. The fact that the Respondent has registered a domain name that is confusingly similar to them indicates that the Respondent had knowledge of the Complainant’s trademark at the time of registration of the disputed domain name. In addition, if the Respondent had carried even a basic Google search in respect of the wordings “INTESA” and “BANCA INTESA”, the same would have yielded obvious references to the Complainant. The Complainant submits an extract of a Google search in support of its allegation. This raises a clear inference of knowledge of the Complainant’s trademark on the part of the Respondent. Therefore, it is more than likely that the disputed domain name would not have been registered if it were not for Complainant’s trademark. This is a clear evidence of registration of the domain name in bad faith.

In addition, the disputed domain name is not used for any bona fide offerings. More particularly, there are present circumstances indicating that, by using the disputed domain name, the Respondent has intentionally attempted to attract, for commercial gain, Internet users to his web site, by creating a likelihood of confusion with the Complainant's mark as to the source, sponsorship, affiliation, or endorsement of his web site (par. 4(b)(iv) of the Policy).

The disputed domain name is not used for any bona fide offerings, considering that the same is connected to a website which has been blocked by Google Safe Browsing through a warning page. It is clear that the main purpose of the Respondent was to use the above website for “phishing” financial information in an attempt to defraud the Complainant’s customers and that Google promptly stopped the illicit activity carried out by the Respondent.

As underlined by countless WIPO decisions, “Phishing” is a form of Internet fraud that aims to steal valuable information such as credit cards, social security numbers, user Ids, passwords, etc. A fake website is created that is similar to that of a legitimate organization, typically a financial institution such as a bank or insurance company and this information is used for identity theft and other nefarious activities.
Several WIPO decisions also stated that the use of a disputed domain name for the purpose of defrauding Internet users by the operation of a “phishing” website is perhaps the clearest evidence of registration and use of a domain name in bad faith.

In particular, the UDRP jurisprudence considered phishing attacks as “proof of both bad faith registration and use in bad faith”. The Complainant refers to WIPO Case No. D2006-0614: “The Respondent registered the domain name because in all probability he knew of the Complainant and the type of services offered by the Complainant and tried to attract Internet users for commercial gain by “spoofing” and “phishing”. The Panel notes that these are practices which have become a serious problem in the financial services industry worldwide. This is a compelling indication both of bad faith registration and of use under paragraph 4(b)(iv)”.

In conclusion, even excluding any current “phishing” purposes or other illicit use of the domain name in the present case (which, however, has been confirmed by Google Safe Browsing with a warning page), anyway the Complainant could find no other possible legitimate use of disputed domain name. The sole further aim of the owner of the domain name under consideration might be to resell it to the Complainant, which represents, in any case, an evidence of the registration and use in bad faith (circumstances indicating that you have registered or you have acquired the domain name primarily for the purpose of selling, renting, or otherwise transferring the domain name registration to the complainant who is the owner of the trademark or service mark or to a competitor of that complainant, for valuable consideration in excess of your documented out-of-pocket costs directly related to the domain name).

NO ADMINISTRATIVELY COMPLIANT RESPONSE HAS BEEN FILED.

For the Complainant to succeed it must prove, within the meaning of paragraph 4(a) of the Policy, that (i) the domain name is identical or confusingly similar to a trademark or service mark in which the Complainant has rights.

The Complainant has established the fact that it has valid rights for the (i) International trademark registration n. 793367 “INTESA”, granted on September 4, 2002; (ii) EU trademark registration n. 12247979 “INTESA”, filed on October 23, 2013 and (iii) International trademark registration n. 1032908 “BANCA INTESA”, applied on December 18, 2009.

The disputed domain name has been registered on March 31, 2020, i.e. more than 17 years after the first international trademark registration.

The disputed domain name consists from three parts: INTESA, BANCA and ONLINE. The first part of the disputed domain name is identical to the international and EU trademarks “INTESA”, while the second part could correspond to the generic name of the type of the Complainants business (bank). Moreover, the first and second part of the disputed domain name is almost identical to the international trademark “BANCA INTESA” with the mere exchange of the order of the used words (INTESA and BANCA instead of BANCA and INTESA).

The addition of the third part of the disputed domain name (ONLINE) does not change the overall impression of the designation as being connected to the Complainant and its trademarks and use of this generic and descriptive term more likely strengthens the likelihood of confusion between the disputed domain name and Complainant’s trademark as the banks are often presented their services online (i.e. on the internet).

Furthermore, the addition of the generic top level domain “.COM” does not change the overall impression of the designation as being connected to Complainant’s trademarks.

Therefore, the Complainant has, to the satisfaction of the Panel, shown the disputed domain name is confusingly similar to the Complainant’s trademarks “INTESA” and “BANCA INTESA” in which the Complainant has rights (within the meaning of paragraph 4(a)(i) of the Policy).

For the Complainant to succeed it must prove, within the meaning of paragraph 4(a) of the Policy, that (ii) the respondent has no rights or legitimate interests in respect of the domain name.

The Complainant has established a prima facie case (not challenged by the Respondent who did not filed any response to the complaint) that the Respondent has no rights or legitimate interests in the disputed domain name, since the Respondent is not related in any way with the Complainant and there is no indication that the Respondent is commonly known by the term “INTESABANCAONLINE” or that the Respondent is using the disputed domain name in connection with a bona fide offering of goods or services. There is also no evidence, that the Respondent is making a legitimate noncommercial or fair use of the domain name, without intent for commercial gain to misleadingly divert consumers or to tarnish the trademark or service mark at issue.

The Panel therefore considers that the Complainant has, to the satisfaction of the Panel, shown the Respondent to have no rights or legitimate interests in respect of the disputed domain name (within the meaning of paragraph 4(a)(ii) of the Policy).

For the Complainant to succeed it must prove, within the meaning of paragraph 4(a) of the Policy, that (iii) the domain name has been registered and is being used in bad faith.

The Respondent has registered the disputed domain name which consists of the Complainant’s trademarks “INTESA” and “BANCA INTESA” and generic term “ONLINE”. There are no doubts that the Complainant’s trademarks are distinctive and well-known. It could be therefore concluded that the domain name has been registered in bad faith as the Respondent had or should have the Complainant and its prior trademark rights in mind when registering the disputed domain name.

Furthermore, the disputed domain name redirects to a website that has been blocked by a security service. One could therefore expect that the website has been used for some kind of illegal activity including phishing as stated by the Complainant. Although there is no evidence, that the disputed domain name has been used for phishing, the blocking realized by the security service is a strong indication of such use. Nevertheless, there is no evidence, that the domain name has been used for the legitimate purposes, i.e. in good faith.

It could be therefore concluded, that the disputed domain name has been used for illegal purposes to attract the internet users to such website for commercial gain by creating a likelihood of confusion with the Complainant’s trademark (paragraph 4(b)(iv) of the Policy).

Considering the (i) similarity between the Complainant’s trademarks and the disputed domain name, (ii) use of the disputed domain name for the commercial gain to attract the internet users to such website, (iii) blocking of the website by the security service, (iv) distinctiveness of the Complainant’s trademarks and (v) the failure of the Respondent to submit a response or to provide any evidence of good faith use, the Panel finds that the disputed domain name has been registered and is being used in bad faith.

Thus the Complainant has, to the satisfaction of the Panel, shown the disputed domain name has been registered and is being used in bad faith (within the meaning of paragraph 4(a)(iii) of the Policy).

The registrar contended in its verification that the disputed domain name was in registrar’s control and the registrar was willing to transfer the domain name with a settlement or dismissal. The reason has not been disclosed by the registrar and it is not clear, whether the original registrant of the disputed domain name was the registrar itself or what's the identity of the registrant; however it is not relevant for this proceeding. In this case, the registrar and registrant are the same persons and therefore, the registrar has the rights according the Policy including the right to respond to the complaint. The respondent (registrant/registrar) has therefore to respond to the complaint and propose a settlement to the Complainant. But as stated above no administratively compliant response has been filed by the Respondent (registrant/registrar) and no settlement has been concluded by the parties. Therefore, the Panel proceeded to the dispute resolution.

The Panel is satisfied that all procedural requirements under UDRP were met and there is no other reason why it would be inappropriate to provide a decision.

The Panel considers that the Complainant has shown that the disputed domain name <intesabancaonline.com> is confusingly similar to a trademarks in which the Complainant has rights, the Respondent has no rights or legitimate interests in respect of the disputed domain name and the disputed domain name has been registered and is being used in bad faith. The Complainant has thus established all three elements of paragraph 4(a) of the Policy.