MX.com registrant lost #UDRP despite claims of phishing against IDN #domain

MX, a company formerly known as Money Desktop, acquired the domain MX.com in 2014 upon rebranding.

The domain’s previous owner, MediMetrix, most likely sold MX.com for an undisclosed amount.

Someone registered the IDN domain name ᴍx.com (xn--x-x6l.com) and the visual match was perceived as a phishing scheme threat for the fintech company.

They filed a UDRP at the WIPO, but lost the case, as the Respondent claimed the domain was out of his control after failing to renew it due to an expired credit card.

The Complainant’s claims of a potential threat were not seen as adequate by the sole panelist, who said:

“Under this Panel’s view such message appears to be a mere notice of the registration of the disputed domain name and potential risks but does not characterize in itself as an indication of actual suspicious activity being performed at or with the disputed domain name (just the possibility thereof).”

Without any such evidence of malicious activity, the request to transfer the domain was denied.

The domain transfer was denied.

Full details on this decision follow:

MX Technologies, Inc. v. Contact Privacy Inc. Customer 1244077080 / A
Case No. D2019-1241

1. The Parties

The Complainant is MX Technologies, Inc., United States of America, represented by Kunzler Bean & Adamson, PC, United States of America.

The Respondent is Contact Privacy Inc. Customer 1244077080, Canada / A, Mexico.

2. The Domain Name and Registrar

The disputed domain name <ᴍx.com> [xn--x-x6l.com] is registered with Google LLC (the “Registrar”).

3. Procedural History

The Complaint was filed with the WIPO Arbitration and Mediation Center (the “Center”) on May 31, 2019. On May 31, 2019, the Center transmitted by email to the Registrar a request for registrar verification in connection with the disputed domain name. On May 31, 2019, the Registrar transmitted by email to the Center its verification response disclosing registrant and contact information for the disputed domain name which differed from the named Respondent and contact information in the Complaint. The Center sent an email communication to the Complainant on June 11, 2019 providing the registrant and contact information disclosed by the Registrar, and inviting the Complainant to submit an amendment to the Complaint. The Complainant filed an amended Complaint on June 11, 2019. In response to a request for clarification by the Center, the Complainant filed an amendment to the Complaint on June 11, 2019.

The Center verified that the Complaint together with the amendment to the Complaint and the amended Complaint satisfied the formal requirements of the Uniform Domain Name Dispute Resolution Policy (the “Policy” or “UDRP”), the Rules for Uniform Domain Name Dispute Resolution Policy (the “Rules”), and the WIPO Supplemental Rules for Uniform Domain Name Dispute Resolution Policy (the “Supplemental Rules”).

In accordance with the Rules, paragraphs 2 and 4, the Center formally notified the Respondent of the Complaint, and the proceedings commenced on June 12, 2019. In accordance with the Rules, paragraph 5, the due date for Response was July 2, 2019. An informal email communication from the Respondent was received by the Center on June 12, 2019. No formal Response was submitted. The Center notified the Parties that it would proceed to panel appointment on July 3, 2019.

The Center appointed Wilson Pinheiro Jabur as the sole panelist in this matter on July 12, 2019. The Panel finds that it was properly constituted. The Panel has submitted the Statement of Acceptance and Declaration of Impartiality and Independence, as required by the Center to ensure compliance with the Rules, paragraph 7.

On July 20, 2019 the Respondent forwarded to the Center an email communication he had received from the Registrar on May 19, 2019 stating that he no longer had permission to manage the disputed domain name.

The Panel issued Procedural Order No. 1 on August 1, 2019 in view of the Respondent’s informal submissions to assess whether the Respondent was expressing a willingness to consent to the transfer of the disputed domain name and whether the Complainant would wish to explore settlement options, allowing the Parties to speak until August 6, 2019 and extending the due date for the decision to August 13, 2019. No reply to Procedural Order No. 1 was received by the Center.

4. Factual Background

The Complainant is a financial technology company that provides software to financial institutions, originally known as MoneyDesktop which was rebranded to MX in 2014. It is the owner, amongst others, of the United States of America trademark registration No. 5,064,772 for MX, filed on May 26, 1994, registered on October 18, 2016 in classes 09, 35, 41, and 42 (Annex 4 to the Complaint).

The disputed domain name <ᴍx.com>[xn--x-x6l.com] was registered on March 5, 2019 and transferred to the Respondent on May 20, 2019. A parked webpage depicting characters and zodiac signs presently resolves from the disputed domain name.

5. Parties’ Contentions
A. Complainant

The Complainant asserts to provide downloadable software and backend software services to financial institutions and to financial technology companies to assist their end users to budget and manage their respective transactions and pay off personal debts. The Complainant further states to have been using the <mx.com> domain name since at least September 25, 2014, currently having over 1,800 clients and over 26 million active users managing their finances on the Complainant’s platform.

The disputed domain name, <ᴍx.com> [xn--x-x6l.com], under the Complainant’s view characterizes a transliteration of the Complainant’s mark using non-ASCII, non-Latin characters to copy the Complainant’s domain name and MX marks.

Moreover, the Complainant asserts that the Respondent has no rights or legitimate interests in respect of the disputed domain name given that the Respondent has at no time been authorized by the Complainant to use the MX mark in any way. In addition to that, no evidence of the Respondent’s use of, or preparations to use the disputed domain name in connection with a bona fide offering of goods or services were located by the Complainant, as well as no trademark rights or evidence that the Respondent has been commonly known by the disputed domain name could be found.

As to the registration and use of the disputed domain name in bad faith, the Complainant argues that on March 5, 2019 one of the Complainant’s customers noticed in a security scan, the potential for suspicious activities and notified the Complainant of the disputed domain name (Annex 5 to the Complaint). The Complainant states (but does not annex copy thereof) that it immediately sent an email regarding the registration and use of the disputed domain name but received no reply from the Respondent.

Such bad faith use, under the Complainant’s view is the only use made of the disputed domain name and indicates that the Respondent registered the disputed domain name primarily for the purpose of disrupting the Complainant’s business, and for intentionally attempting to attract, for commercial gain, Internet users to the disputed domain by creating a likelihood of confusion with the Complainant’s MX marks and <mx.com> domain name. Lastly, the retention of a privacy service should be regarded as a bad faith attempt to evade enforcement of the Complainant’s legitimate trademark rights and obstruct these proceedings.

B. Respondent

An informal email communication from the Respondent was received by the Center on June 12, 2019 in which he states, in Spanish, that the disputed domain name was no longer his and that the credit card that he had used to pay for it had been cancelled, apologizing for not being able to do anything with it.

On July 20, 2019 the Respondent forwarded to the Center an email communication he had received from the Registrar on May 19, 2019 stating, in Spanish, that he no longer had permission to manage the disputed domain name.

6. Discussion and Findings

Paragraph 4(a) of the Policy sets forth the following three requirements which have to be met for this Panel to order the transfer of the disputed domain name to the Complainant:

(i) the disputed domain name is identical or confusingly similar to a trademark or service mark in which the Complainant has rights; and

(ii) the Respondent has no rights or legitimate interests in respect of the disputed domain name; and

(iii) the disputed domain name has been registered and is being used in bad faith.

The Complainant must prove in this administrative proceeding that each of the aforesaid three elements is present so as to have the disputed domain name transferred to it, according to paragraph 4(a) of the Policy.
A. Identical or Confusingly Similar

The Complainant has shown that it is the owner of the registered MX mark (Annex 4 to the Complaint). The disputed domain name <ᴍx.com> [xn--x-x6l.com], characterizes a transliteration of the Complainant’s mark using non-ASCII, non-Latin characters.

Section 1.14 of the WIPO Overview of WIPO Panel Views on Selected UDRP Questions, Third Edition (“WIPO Jurisprudential Overview 3.0”) states that “[a] domain name that consists or is comprised of a translation or transliteration of a trademark will normally be found to be identical or confusingly similar to such trademark for purposes of standing under the Policy, where the trademark – or its variant – is incorporated into or otherwise recognizable, through such translation/transliteration, in the domain name. The Panel also notes the visual similarity.

This Panel considers that the disputed domain name is confusingly similar to the trademark under the Policy, having the first element of the Policy been established.
B. Rights or Legitimate Interests

Paragraph 4(c) of the Policy provides a non-exclusive list of circumstances that may indicate a respondent’s rights to or legitimate interests in a domain name. These circumstances are:

(i) before any notice of the dispute, the respondent’s use of, or demonstrable preparations to use, the domain name or a name corresponding to the domain name in connection with a bona fide offering of goods or services; or

(ii) the respondent (as an individual, business, or other organization) has been commonly known by the domain name, even if it has not acquired trademark or service mark rights; or

(iii) the respondent is making a legitimate noncommercial or fair use of the domain name, without intent for commercial gain to misleadingly divert consumers or to tarnish the trademark or service mark at issue.

The Respondent, in not formally responding to the Complaint, has failed to invoke any of the circumstances, which could demonstrate, pursuant to paragraph 4(c) of the Policy, any rights or legitimate interests in the disputed domain name. This entitles the Panel to draw inferences from such default as it considers appropriate, pursuant to paragraph 14(b) of the Rules.

The Complainant has made out a prima facie case that the Respondent lacks rights or legitimate interests in the disputed domain name. The burden of production has therefore shifted to the Respondent to come forward with appropriate allegations or evidence demonstrating rights or legitimate interests.

In his informal communications the Respondent has not explained his choice of the disputed domain name nor expressed any actual or prospective bona fide use of the disputed domain name, being it rather intriguing his statement that the disputed domain name was no longer his and that the credit card that he had used to pay for it had been cancelled, especially considering that the Complainant is a financial technology company that provides software to financial institutions and could be a potential target to fraudulent schemes.

In addition to that, the current use made of the disputed domain name in connection with a page that merely displays characters and zodiac signs does not advance a claim by itself that the Respondent has rights or legitimate interests with respect to the disputed domain name.
C. Registered and Used in Bad Faith

As to the registration and use of the disputed domain name in bad faith the Complainant grounds its assertions on the email message of May 5, 2019 (Annex 5 to the Complaint) that it received from one of its customers noticing a “suspicious email domain”, being such “bad faith use detected by […] the only use of the domain name of which Complainant is aware”.

The evidence submitted by the Complainant (Annex 5 to the Complaint) consists however of an email of March 5, 2019 sent to the Complainant by one of its clients, alerting the Complainant of the disputed domain name therein described as a “suspicious email domain that could affect MX” and further stating that “[w]e’ve seen multiple incidents where a lookalike domain was used to pose as individuals from the organization (usually via email) to commit fraud (payment of manipulated/fraudulent invoices) or trick the recipient into revealing sensitive information via Social Engineering”.

Under this Panel’s view such message appears to be a mere notice of the registration of the disputed domain name and potential risks but does not characterize in itself as an indication of actual suspicious activity being performed at or with the disputed domain name (just the possibility thereof).

In as much as the Respondent has not produced any evidence of any actual or contemplated bona fide use of the disputed domain name (and there would be other factors that would not favor the Respondent, such as the choice of a Privacy Protection Service, the claim to no longer be in control of the disputed domain name, the indication of what appears to be a false address, the cancelation of the credit card used to pay for the registration of the disputed domain name and the possibility of a potential targeting of the Complainant in view of its connection with the financial segment – a natural target for fraudulent schemes), there is no evidence in the records of the case that the Respondent targeted a brand owner such as the Complainant while registering the disputed domain name (a disputed domain name which in its Second-Level consists of two international characters), nor any evidence of an actual fraudulent scheme perpetrated using the disputed domain name disrupting or targeting the Complainant and its business, or other such evidence of the use of the disputed domain name in bad faith.

The Complainant has therefore not met its burden, at least based on the evidence presented in this case, of showing that the Respondent has registered and used the disputed domain name in bad faith. The Panel expressly notes that the present case is one in which if actual evidence of bad faith comes to the possession of the Complainant, this may provide justification for the submission of a new Complaint.

7. Decision

For the foregoing reasons, the Complaint is denied.

Wilson Pinheiro Jabur
Sole Panelist
Date: August 12, 2019

Copyright © 2024 DomainGang.com · All Rights Reserved.