Decision for dispute CAC-UDRP-104430

The Panel is not aware of any other legal proceedings which are pending or decided and which relate to the disputed domain name.

The Complainant owns the European trade mark BOURSORAMA, registration number 1758614, first registered on 19 October 2001 in international classes 9, 16, 35, 36, 38, 41, and 42. The Complainant's trade mark registration predates the registration of the disputed domain name. While the Complainant asserts ownership of several trade marks, no other trade marks are identified and no supporting evidence is provided.

Furthermore, the Complainant owns multiple domain names consisting of or abbreviating the name BOURSORAMA, including <boursorama.com>, <brsimg.com>, <brsourama.com>, and <brsp.app>, although only the domain name <boursorama.com> links to the Complainant's official website through which it informs Internet users and customers about its products and services. The remaining domain names referred to by the Complainant appear to be inactive.

Founded in 1995, the Complainant was one of the first online financial platforms in Europe. It grew with the emergence of e-commerce and continued expansion of the range of financial products offered online in three core business areas: online brokerage, financial information, and online banking. The Complainant has more than 2 million customers in France and is a leading provider of online banking services.

The disputed domain name was registered on 24 February 2022 and redirects to a generic parking page. There is no evidence before the Panel that the disputed domain name has ever been used for an active website since it was registered. However, the Complainant adduced evidence to show that the disputed domain name was used on at least one occasion to send a phishing e-mail, seeking to impersonate the Complainant and attaching a banking contract template purporting to originate from the Complainant and using the Complainants registered trade mark BOURSORAMA, its logo and general get-up.

NO ADMINISTRATIVELY COMPLIANT RESPONSE HAS BEEN FILED.

The Complainant has, to the satisfaction of the Panel, shown the disputed domain name is identical or confusingly similar to a trade mark or service mark in which the Complainant has rights (within the meaning of paragraph 4(a)(i) of the Policy).

The Complainant has, to the satisfaction of the Panel, shown the Respondent to have no rights or legitimate interests in respect of the disputed domain name (within the meaning of paragraph 4(a)(ii) of the Policy).

The Complainant has, to the satisfaction of the Panel, shown the disputed domain name has been registered and is being used in bad faith (within the meaning of paragraph 4(a)(iii) of the Policy).

The Panel is satisfied that all procedural requirements under UDRP were met and there is no other reason why it would be inappropriate to provide a decision.

With regard to the first UDRP element, the Panel finds that the disputed domain name <brsma-client.com> is confusingly similar to the Complainant's trade mark BOURSORAMA. The disputed domain name incorporates five letters of the Complainant's trade mark and contains sufficiently recognisable aspects of the Complainant’s trade mark to give rise to confusing similarity. The use of an abbreviation of the trade mark does not in the circumstances of this case sufficiently distinguish the resulting domain name from the Complainant’s trade mark and does not avoid confusing similarity between the Complainant’s trade mark and the disputed domain name (see, for example, WIPO Case No D2016-1452 ZB, N.A., dba Zions First National Bank and ZB, N.A., dba Amegy Bank v. Cameron David Jackson; see also Express Messenger Systems, Inc. v. Golden State Overnight, WIPO Case No D2001-0063; and Dow Jones & Company, Inc. & Dow Jones LP v. T.S.E. Parts, WIPO Case No D2001-0381; Philip Morris USA Inc. v. Steven Scully, J&S Auto Repair, WIPO Case No D2015-1001).
The Panel considers this case to be a plain case of "typo-squatting", i.e., the disputed domain name contains an obvious and intentional misspelling of the Complainant's trade mark, which is not sufficient to alter the overall impression of the designation as being connected to the Complainant’s trade mark. The addition of the generic and descriptive term "client" is also not sufficient to alter the overall impression of the designation as being connected to the Complainant's trade mark. The Panel notes in this connection that the term "client" is closely related to the Complainant's business activities as a financial services provider offering online banking services. The addition of the generic and descriptive term "client" does not prevent the likelihood of confusion between the disputed domain name and the Complainant, its trade mark, and its associated domain name; rather to the contrary, it increases the likelihood of confusion by suggesting that the disputed domain name provides access to a client portal for service users of the Complainant's business. The Panel surmises that the Respondent chose to register the disputed domain name precisely because of its confusing similarity with the Complainant’s trade mark and because this would enable him to send phishing e-mails, attempting to impersonate the Complainant. The Panel follows in this respect the view established by numerous other decisions that a domain name which consists of a common, obvious, or intentional misspelling of a trade mark is considered to be confusingly similar to the relevant trade mark (see, for example, CAC Case No. 103124, Boehringer Ingelheim Pharma GmbH & Co.KG v. Fundacion Comercio Electronico <boehringeringelheimpetrreebates.com>; CAC Case No. 101990, JCDECAUX SA -v- Emma Purnell <jcdeceux.com>; CAC case No. 101892, JCDECAUX SA -v- Lab-Clean Inc <jcdacaux.com>; WIPO Case No. D2005-0941, Bayerische Motoren Werke AG, Sauber Motorsport AG v. Petaluma Auto Works <bmwsauberf1.com>; and WIPO Case No. D2015-1679, LinkedIn Corporation -v- Daphne Reynolds <linkedlnjobs.com>).

With regard to the second UDRP element, there is no evidence before the Panel to suggest that the Respondent has made any use of, or demonstrable preparations to use, the disputed domain name in connection with a bona fide offering of goods or services. Neither is there any indication that the Respondent is making legitimate non-commercial or fair use of the disputed domain name. Indeed, the disputed domain name is not being used for any active website but resolves to a generic parking page. A lack of content at the disputed domain has in itself been regarded by other panels as supporting a finding that the Respondent lacked a bona fide offering of goods or services and did not make legitimate non-commercial or fair use of the disputed domain name (see, for example, Forum Case No. FA 1773444, Ashley Furniture Industries, Inc v. Joannet Macket/JM Consultants). The Panel further finds that the Respondent is not affiliated with or related to the Complainant in any way and is neither licensed nor otherwise authorised to make any use of the Complainant’s trade mark or to apply for or use the disputed domain name. In addition, the Whois information does not suggest that the Respondent is commonly known by the disputed domain name <brsma-client.com>.

Finally, the Complainant adduced evidence in its submissions to show that the disputed domain name has been used for phishing purposes by sending at least one e-mail from the disputed domain, seeking to impersonate the Complainant and attaching a banking contract in an attempt to obtain sensitive personal information from the recipient of the e-mail. The Panel categorially agrees with the established view that the use of a domain name for illegal activity can never confer rights or legitimate interests on a respondent. The Panel follows in this regard an established line of cases: CAC Case No. 101578 <ARLEFOOD.COM> found that “To the contrary, it appears that the Respondent has used the disputed domain name to impersonate the Complainant and fraudulently attempt to obtain payments and sensitive personal information. The use of the disputed domain name in connection with such illegal activities cannot confer rights or legitimate interests on the Respondent”. See also CAC Case No. 102290 <PEPSICOGDV.COM> (carrying out phishing attacks spoofing the Complainant’s identity to send fraudulent emails for financial gain); and, more recently, CAC Case No. 103393 <SonyCreativeSoftware.Info> ("the use of a domain name for illegal activity (e.g. phishing) can never confer rights or legitimate interests on a respondent").

Against this background, and absent any response from the Respondent, or any other information indicating the contrary, the Panel concludes that the Respondent has no rights or legitimate interests in respect of the disputed domain name.

With regard to the third UDRP element, the Panel surmises that the Respondent must clearly have been aware that the BOURSORAMA trade mark was already registered and being used by the Complainant since the disputed domain name was deliberately being used to send at least one phishing e-mail, seeking to impersonate the Complainant. Furthermore, if the Respondent had carried out Google search for the name BOURSORAMA, the search results would have yielded immediate and obvious references to the Complainant. It is therefore reasonable to infer that the Respondent either knew, or should have known, that the disputed domain name would be confusingly similar to the Complainant's trade mark and that he registered the disputed domain name in full knowledge of the Complainant's rights.

Furthermore, the website related to the disputed domain name is currently inactive and resolves to a generic parking page. The Respondent has not demonstrated any activity in respect of the disputed domain name. First, it is difficult to conceive of any plausible actual or contemplated active use of the disputed domain name by the Respondent that would not be illegitimate on the grounds that it would constitute passing off, an infringement of consumer protection legislation, or an infringement of the Complainant’s rights under trade mark law under circumstances where the disputed domain name is confusingly similar to the Complainant’s trade mark currently used by the latter to promote its goods and services. Secondly, numerous other UDRP decisions have taken the view, which this Panel shares, that the passive holding of a domain name with knowledge that the domain name infringes another party’s trade mark rights may in itself be regarded as evidence of bad faith registration and use (see, for example, WIPO Case No. D2000-0003, Telstra Corporation Limited v. Nuclear Marshmallows; and WIPO Case No. D2004-0615, Comerica Inc. v. Horoshiy, Inc.).

Indeed, in its submissions, the Complainant adduced evidence to show that the disputed domain name has been used on at least one occasion to send a phishing e-mail, seeking to persuade the recipient to disclose confidential information and sensitive data. The Panel again follows an established line of cases in finding that registration and use of a domain name for such purposes constitutes bad faith. See, for example: WIPO Case No. D2018-1815 <hidQlobal.com>: "Respondent registered the disputed domain name which is nearly identical in appearance to Complainant’s distinctive trademark. As the disputed domain name effectively impersonates Complainant, there is no evident ground for Respondent to have selected it, other than for using it to induce Internet users, including email recipients, to confuse the owner/sponsor of a website or the sender of an email with Complainant and its products. Regrettably, it is not uncommon for domain names which closely approximate distinctive trademarks to be used as instruments of fraud or other abuse. Respondent has failed to provide any explanation for its decision to register the disputed domain name, and the Panel is unable to discern or infer any plausible legitimate reason for Respondent to have registered the disputed domain name. These circumstances are sufficient to establish Respondent’s registration and use of the disputed domain name in bad faith". Further, CAC Case No. 101578 (<ARLEFOOD.COM>) concluded that: “As recognized in previous UDRP decisions, the use of a domain name for purposes other than to host a website may constitute bad faith where, like in the case at hand, the circumstances suggest that the disputed domain name has been used for fraudulent purposes such as the sending of deceptive emails to obtain sensitive or confidential personal information or to solicit payment of fraudulent invoices by the Complainant’s actual or prospective customers”. In similar circumstances, previous UDRP panels have also stated that “the use of the disputed domain name in connection with a fraudulent email scheme can only lead to the conclusion that the disputed domain name is being used in bad faith” (see, for example, SAP SE v. Anuoluwapo Akobi, WIPO Case No. D2018-0624 <aribacompany.com>).

Absent any response from the Respondent, or any other information indicating the contrary, the Panel therefore also accepts that the Respondent has registered and is using the disputed domain name in bad faith.