Decision for dispute CAC-UDRP-105344

The Panel is not aware of any other legal proceedings which are pending or decided and which relate to the disputed domain name.

The Complainant owns many Trademark Registrations for LENDINGCLUB including the following:

- United States Trademark No. 3513349, registered on October 7, 2008;

- United States Trademark No. 5470831, registered on May 15, 2018;

- United States Trademark No. 6029627, registered on April 7, 2020;

- International Trademark No. 1387144, registered on September 11, 2017, designating, the European Union, Japan, Australia, New Zealand, and Israel; and

- China Trademark No. 26701423, registered on March 28, 2020.

Founded in the United States of America in 2006, the Complainant offers innovative, world class financial services. LendingClub is a leading digital marketplace bank in the United States and internationally. LendingClub members gain access to a broad range of financial products and services through a technology-driven platform, designed to help them pay less when borrowing and earn more when saving. The Complainant’s home page is found at the domain name <lendingclub.com>.

The Complainant has invested copious amounts of time and money to promote the ubiquitous LendingClub brand, worldwide. As such, consumers around the world have come to associate the Complainant and its services with the LENDINGCLUB marks and brand. Through such longstanding and exclusive use by Complainant, the LENDINGCLUB marks are famous in the United States and throughout the world.

The disputed domain name <lendingcluglogin.net> was registered on July 22, 2022. There website that resolves from the disputed domain name has been blocked as “malicious” and the domain name has been used to send phishing emails which direct unsuspecting internet users to a malware download page.

The Complainant has, to the satisfaction of the Panel, shown the disputed domain name is identical or confusingly similar to a trademark or service mark in which the Complainant has rights (within the meaning of paragraph 4(a)(i) of the Policy).

The Complainant has, to the satisfaction of the Panel, shown the Respondent to have no rights or legitimate interests in respect of the disputed domain name (within the meaning of paragraph 4(a)(ii) of the Policy).

The Complainant has, to the satisfaction of the Panel, shown the disputed domain name has been registered and is being used in bad faith (within the meaning of paragraph 4(a)(iii) of the Policy).

The Panel is satisfied that all procedural requirements under UDRP were met and there is no other reason why it would be inappropriate to provide a decision.

In view of Respondent's failure to submit a response, the Panel shall decide this administrative proceeding on the basis of Complainant's undisputed representations pursuant to paragraphs 5(f), 14(a) and 15(a) of the Rules and draw such inferences it considers appropriate pursuant to paragraph 14(b) of the Rules.  The Panel is entitled to accept all reasonable allegations set forth in a complaint; however, the Panel may deny relief where a complaint contains mere conclusory or unsubstantiated arguments. See WIPO Jurisprudential Overview 3.0 at paragraph 4.3; see also GROUPE CANAL + v. Danny Sullivan, 102809 (CAC January 21, 2020) (“the Panel, based on the poorly supported and conclusory allegations of the Complainant, retains that the Complainant has not prevailed on all three elements of the paragraph 4(a) of the Policy and, therefore, rejects the Complaint.”)

a. The disputed domain name is confusingly similar to a trademark or service mark in which the Complainant has rights

 Paragraph 4(a)(i) of the Policy requires that the Complainant demonstrate its ownership of trademark rights and that the disputed domain name is confusingly similar to such trademark. Boehringer Ingelheim Animal Health France / Merial v. S Jon Grant, 103255 (CAC September 30, 2020) (“it is imperative that the Complainant provides evidence that it has rights in a trade mark or service mark, following which the Panel shall assess whether or not the disputed domain name is identical or confusingly similar to the Complainant’s trade mark(s).”)

The Complainant has submitted copies of its registration certificates from the United States Patent and Trademark Office (USPTO), as well as screenshots from the websites of the World Intellectual Property Office (WIPO) and China National Intellectual Property Administration (CNIPA) as evidence that it owns registered rights to its asserted LENDINGCLUB trademark in many jurisdictions. The earliest of these reflects a registration date of October 7, 2008. The Panel notes that these registration certificates name the owner as “Lendingclub Corporation” which differs from the name of the Complainant as recited in the Complaint. However, the Panel has taken it upon itself to review the assignment records of the USPTO and is satisfied that these registrations have been assigned to the named Complainant. Registration with such national and multi-national offices has been found sufficient to satisfy the threshold requirement of proving trademark rights under Paragraph 4(a)(i) of the Policy. Margaritaville Enterprises, LLC v. Neil Wein, FA 1916531 (FORUM November 9, 2020) (“It is well established by decisions under this Policy that a trademark registered with a national authority is evidence of trademark rights”). The disputed domain name, which was registered on July 22, 2022, adds the word “login” to the LENDINGCLUB trademark and the Complainant asserts that this does not avoid a finding of confusion. The domain name further adds the “.net” gTLD. Thus, the Complainant asserts that the second level of the disputed domain name is confusingly similar to the asserted trademark and will lead internet users to wrongly believe that the disputed domain name originates or is endorsed by the Complainant. Prior panels have found confusing similarity under similar fact situations. Avast Software s.r.o. v. Milen Radumilo, 102384 (CAC April 19, 2019) (“it is well accepted that where the relevant trademark is recognizable within the disputed domain name, the addition of descriptive terms would not prevent a finding of confusing similarity.”)

Also, the extension “.net” typically adds no meaning or distinctiveness to a disputed domain name and may most often be disregarded in the Paragraph 4(a)(i) analysis. Novartis AG v. Wei Zhang, 103365 (CAC December 9, 2020) (“it is generally accepted that the addition of the top-level suffix in the domain name (e.g., ‘.com’) is to be disregarded under the confusing similarity test”).

Accordingly, the Panel finds that the Complainant has rights to its claimed trademark and that the addition of a descriptive word thereto in the disputed domain name is insufficient to avoid a finding that it is confusingly similar to the Complainant’s trademarks. Thus, the Complainant has satisfied Paragraph 4(a)(i) of the Policy.

b. The Respondent has no rights or legitimate interests in respect of the disputed domain name

Pursuant to Paragraph 4(a)(ii) of the Policy, the Complainant has the burden of making a prima facie showing that the Respondent has no rights or legitimate interests in the disputed domain name. Cephalon, Inc. v. RiskIQ, Inc., 100834 (CAC September 12, 2014). Once this burden is met, it then shifts to the respondent to demonstrate that it does have rights or legitimate interests in the domain name. Paragraph 4(c) of the Policy offers the Respondent several examples of how to demonstrate its rights or legitimate interests in the disputed domain name.

With reference to Paragraph 4(c)(i) of the Policy, the Panel considers whether the Respondent is using the disputed domain name to make a bona fide offering of goods or services.  The Complaint asserts that Respondent is using the disputed domain name for purposes of phishing and fraud. Using a disputed domain name in the manner claimed by the Complainant is not a bona fide offering of goods and services or legitimate noncommercial or fair use. See BOURSORAMA v. Kevin Sandler, 105227 (CAC March 31, 2023) (use of “a phishing email address associated with the Disputed Domain Name where the Respondent attempted to pass itself off as an employee of the Complainant for financial gain by writing to a Complainant's customer” found to not be a bona fide offering of gods or services or a legitimate noncommercial or fair use per the Policy). In the present case, the Complainant claims that the Respondent is “not providing any product or service, but is merely attempting to defraud Internet users for pecuniary gain.” In support, it provides a screenshot of the website to which the disputed domain name resolves and this displays the notice “Web Site Has Been Blocked! The web page you are attempting to access has been classified as malicious.” Also provided is a screenshot of an email from the address verification@lendingclublogin.net to a potential customer for the Complainant which prominently displays the Complainant’s graphic LENDINGCLUB logo and states “I hope you are doing well. Here is your digital verification Link” followed by a link to a page that the Complainant states “contained a link to the Disputed Domain Name.” The Respondent has not filed a Response or made any other submission in this case to offer an explanation for its actions which differs from that asserted by the Complainant. As the Complainant has made out a prima facie case that has not been rebutted by the Respondent, upon a preponderance of the evidence before it the Panel finds that the Respondent fails to use the disputed domain name for a bona fide offering of goods or services per Paragraph 4(c)(i) of the Policy.

Next, under Paragraph 4(c)(ii) the Complainant asserts that the Respondent is not commonly known by the disputed domain name. Past panels have looked at the available WHOIS information when considering whether a Respondent is commonly known by the disputed domain name. See EMERIA EUROPE v. ANTOINE GRENIER (foncia-patrimoine), 105142 (CAC February 20, 2023) (According to the Whois record “[t]he Respondent’s name “Antoine Grenier” is all what it links the Disputed Domain Name with the Respondent. Absent of any other evidence such as a personal name, nickname or corporate identifier, the Panel is of the opinion that the Respondent is not commonly known by the Disputed Domain Name.”). Furthermore, lack of authorization to use a mark serves as an additional indication that a respondent is not commonly known by the disputed domain name. See Lovehoney Group Limited v. yan zhang, 103917 (CAC August 17, 2021) (“lack of authorization to use a complainant’s mark may indicate that the respondent is not commonly known by the disputed domain name.”) The Whois information for the disputed domain name reflects the Respondent’s name as “Lennys Alvarez” and the Complainant states that “Respondent does not have, and never has had, Complainant’s permission to use the LENDINGCLUB marks in such manner, or at all” and the Respondent has not contested or refuted this. Therefore, the Panel finds no evidence upon which to conclude that Respondent is commonly known by the disputed domain name under Policy paragraph 4(c)(ii).

Finally, under Paragraph 4(c)(iii) of the Policy the Panel considers whether the Respondent is making a legitimate non-commercial or fair use of the disputed domain name. The disputed domain name resolves to a website that has been blocked as potentially malicious and the Respondent has sent phishing emails using the disputed domain name. Using a confusingly similar domain name to promote malware or commit fraud through phishing  is not a legitimate non-commercial or fair use. See Liquid Enterprises B.V. v. Team Liquid CA, 101303 (CAC November 18, 2016) (finding that the Respondent did not have rights or legitimate interests where “the disputed domain name is used to distribute malicious software (malware).”) See also Bouygues S.A. v. Rafael Vivier, D2019-1401 (WIPO August 5, 2019) (“The Panel is further convinced that, due to the phishing activity and the inactivity of the website, there was no bona fide offering of goods or services under paragraph 4(c)(i) of the Policy, nor a noncommercial or fair use pursuant to paragraph 4(c)(iii) of the Policy.”) Here, the Complainant asserts that “[t]he use of a domain name to commit fraud is not a legitimate or non-commercial fair use” and, as noted above, the Complainant provides screenshots of the “malicious” warning at the Respondent’s resolving website and of a phishing email in which the Respondent seeks to have the recipient click a link that brings it to such malicious page. Based on the presented evidence, the Panel finds that the Respondent fails to make a legitimate non-commercial or fair use of the disputed domain name per Paragraph 4(c)(iii) of the Policy.

c. The disputed domain name was registered and used in bad faith

Under Paragraph 4(a)(iii) of the Policy, the Complainant must demonstrate both that the disputed domain name was registered and is being used in bad faith. Further guidance on that requirement is found in Paragraph 4(b) of the Policy, which sets out four examples of possible actions by the Respondent that may satisfy this burden of proof.

Inherently prerequisite to a finding of bad faith under Paragraph 4(a)(iii) of the Policy is some attribution of knowledge of the Complainant’s claimed trademark, whether actual or based upon a conclusion that the Respondent should have known of the trademark. See, Domain Name Arbitration, 4.02-C (Gerald M. Levine, Legal Corner Press, 2nd ed. 2019) (“Knowledge and Targeting Are Prerequisites to Finding Bad Faith Registration”); USA Video Interactive Corporation v. B.G. Enterprises, D2000-1052 (WIPO December 13, 2000) (claim denied where “Respondent registered and used the domain name without knowledge of Complainant for a bona fide commercial purpose.”). See also, WIPO Overview 3.0, par. 3.1.1 (when examining whether “circumstances indicate that the respondent’s intent in registering the disputed domain name was in fact to profit in some fashion from or otherwise exploit the complainant’s trademark”, Panels may consider such issues as “the respondent’s likely knowledge of the complainant’s rights”). Here, the Complainant claims that it “has invested copious amounts of time and money to promote the ubiquitous LendingClub brand, worldwide. As such, consumers around the world have come to associate Complainant and its services with the LENDINGCLUB marks and brand. Through such longstanding and exclusive use by Complainant, the LENDINGCLUB marks are famous in the United States and throughout the world.” However, the Complainant has only provided evidence of its trademark registrations and a screenshot of its home page at <lendingclug.com>. While this evidence supports the existence of trademark rights, it does not speak to the reputation or scope of the LENDINGCLUB trademark as perceived by the relevant public. As such, the Panel has insufficient evidence to make a finding that the Respondent must have known of the Complainant’s trademark based on any assertion of fame.

However, the Complainant further asserts that the Respondent’s prior knowledge of the LENDINGCLUB trademark may be inferred from its impersonation of the Complainant in phishing emails that incorporate the disputed domain name and display the Complainant’s LENDINGCLUB graphic logo.  From this evidence, the Panel concludes that the Respondent had actual knowledge of the Complainant’s trademark at the time it registered the disputed domain name.

Next, the Complainant argues that the Respondent registered and uses the disputed domain name in bad faith as the Respondent fraudulently impersonates and passes itself off as the Complainant. Using a confusingly similar domain name to pass oneself off as a complainant can demonstrate bad faith under Paragraphs 4(b)(iii) and (iv) of the Policy. See BANQUE DELUBAC ET CIE v. Virgilon, 104565 (CAC July 4, 2022) (“the Panel accepts the Complainant's contentions that the disputed domain name has been used in bad faith under an apparent engagement of the Respondent in a phishing scam”). See also Celestron Acquisition, LLC v. shanwang chen, 104771 (CAC September 10, 2022)  (“Phishing activity disrupts business within the provisions of paragraph 4(b)(iii) of the Policy.”) The Complainant asserts that the disputed domain name is used for “sending emails from an email address mimicking the Complainant -- solely for Respondent’s pecuniary gain” and that the Respondent’s use of the disputed domain name to send phishing emails is an “effort to defraud Internet users” by creating a likelihood of confusion with its trademark. The evidence in this case shows that the Respondent has, for commercial gain, used its website at the disputed domain name in an attempt at injecting malware into their devices and has sent phishing emails from an address that impersonates the Complainant in furtherance of this scheme. The Respondent has not participated in this case to explain its actions and so, based upon a preponderance of the available evidence, the Panel finds it highly likely that the Respondent registered and uses the disputed domain name in bad faith by disrupting the Complainant’s business and by seeking commercial gain through confusion with the Complainant’s trademark, per Paragraphs 4(b)(iii) and (iv).