Banks and other financial institutions often find that their trademarks are targeted in the online environment by means of domain names redirecting to their websites or resolving to websites purporting to offer competing services.
In other cases, the domain names are used for setting up email addresses to send fraudulent emails to customers of the financial institution.
Other types of fraudulent behavior directed against banks include use of domain names for distributing malware, displaying login pages requesting personal information, domain names used for gambling websites or displaying pornographic content.
As panels point out, trademarks for banking services are “notoriously often targeted by phishing scams and
other fraudulent behavior“.
Irrespective of the use, and even where the domain names are not in use, the threats for financial institutions in the online area are significant, given this is a regulated activity with financial risks, exposure to clients and tarnishment.
Banking and finance ranks second in terms of industries targeted by cybersquatters according to statistics at WIPO, which reflects the scale of the phenomenon and importance for financial institutions to protect their trademarks against cybersquatting.
I will analyze below recent cases where banks were targeted by cybersquatters.
Active Websites Purporting to Offer Competing Services
In the case concerning the domain names <nexenbnymellons.com>, <nexenlbnymellon.com>, <nexenlmetlonbmy.com> and <nxnbnymellon.com>, the complainant was The Bank of New York Mellon, one of the oldest banks in the world, and one of the three oldest banking corporations in the United States.
The domain names in dispute were used to resolve to a copycat of the complainant’s website. After the complaint was filed, the domain names resolved to pages stating “Dangerous site. Attackers on the site you’re trying to visit might trick you into installing software or revealing things like your password, phone or credit card number. Chrome strongly recommends going back to safety”.
With respect to the second element of the Policy, the panel found that the above use cannot confer rights or legitimate interests to the respondent. As regards the third element of the Policy, the panel first found that the respondent was aware of the complainant’s trademark, given both the composition of the domain names (confusing similarity, typosquatting and the use of a combination of the complainant’s trademarks – BNY MELLON and NEXEN) and the use of the domain names, as described above.
The panel also found that the domain names in dispute were used in bad faith under paragraph 4(b)(iv) of the Policy, which – the panel emphasized – “is further aggravated by the industry field of the Complainant, as banking activities are strictly regulated”.
In another case, the complainant BPCE, one of the largest banking groups in France, complained about the domain name <bpceinvestmnt.com>, which was used to resolve “to a website in Italian proposing financial services for individuals (offering consumption loans) under the brand “Credito Plus”. The website proposes to consumers to enter their personal details to get a loan offer. It contains a contact address in Rome and a contact email using the disputed domain name ([…]@bpceinvestmnt.com).”
The panel found that both the composition of the domain name in dispute (“combining the Complainant’s BPCE Trademark with the suffix “investmnt”, a misspelling of the word “investment”, which is a descriptive term referring to the Complainant’s financial activities”) and the use of the domain name (to resolve “to a website offering financial services (loans to consumers)”) lead to the conclusion that the “respondent registered the disputed domain name in the knowledge of the Complainant’s BPCE Trademark and with the intention of taking unfair advantage of the goodwill attached to it by causing confusion among Internet users.”
In a similar situation, the same bank, BPCE, obtained the transfer of the domain name <caissecrdepargne.com>, that was used to lead to a website in French language supposedly “offering loan services reproducing the trademark CAISSE D’EPARGNE”.
In another case, the complainant was Deutscher Sparkassen- und Giroverband e.V., an association registered under the umbrella of the well known Sparkassen – Finanzgruppe, one of the largest groups of credit institutions in Germany.
The domain name in dispute was <sparkassa.org>, which “resolved to a website featuring the Complainant’s logo and purporting to offer the same financial services as the Complainant’s group (overnight money, fixed-term deposits, retirement funds).” The German banking supervisory authority had published a warning that the operator of such website did not have a license to provide financial services.
The panel had no trouble in finding in favour of the complainant, and deciding that, in the circumstances of the case, the display of the complainant’s logo on the respondent’s website meant that the respondent was aware of the complainant when registering the disputed domain name, and given its use, the respondent “was engaged in an attempt to attract Internet users to its website for its own commercial gain”.
A similar finding in the case concerning the domain name <inmediprest.com> reclaimed by a Mexican company, Faprei SA, which operated an online platform offering loans under the trademark INMEDIPREST. The domain name in dispute was used for a website using the corporate name of the complainant and offering personal loans.
In the case concerning the domain name <principalcred.com>, the complainant was a publicly traded multinational financial services institution. The domain name was used to resolve to a website displaying the complainant’s customer service phone number, offered similar products and services as the complainant.
Also, in another WIPO case, the complainant was Skopos Financial LLC, a United States financial auto lender that provides loans to individuals and families to help purchase new or used vehicles.
The website at the disputed domain names <reprisefinancial.online> and <reprisefinancials.net> displayed “the Complainant’s REPRISE FINANCIAL trademark and brand logo and purporting to offer financial services similar to those offered by the Complainant. The websites encourage Internet users to “Start a new application” or “Finish The Application I started”, where they are redirected to the Complainant’s main website. The very end of the website using the disputed domain name <reprisefinancials.net> contains a disclaimer in small print text which states, among other things, “We are not associated with Reprise Financial”.”
A similar situation in the case concerning the domain name <cantoronlinebank.com> filed by Cantor Fitzgerald Securities, a United States financial institution, or the case concerning the domain name <spectracapital.live> filed by Spectra Holding LLC, a United States specialized commercial real estate debt asset management company.
Domain Names used for Fraudulent Emails
In the case concerning the domain name <ondeckcapital.support> the complainant was On Deck Capital, Inc., a United States financial services company providing small business loans and financing. The disputed domain name was used to fraudulently send emails to the complainant’s customers as part of a scheme in which the respondent posed as a complainant’s supervisor, in an attempt to have customers make payments owed to the complainant, which payments would inure to the benefit of the respondent.
The panel decided:
- under the second element of the Policy that “such use of the Disputed Domain Name to impersonate the Complainant and perpetuate this fraudulent scheme does not confer rights or legitimate interests on the Respondent”, and
- under the third element of the Policy that, inter alia “the Respondent’s registration and use of the Disputed Domain Name constitutes bad faith registration and use under the Policy due to the Respondent’s use of the Disputed Domain Name to impersonate the Complainant and create fraudulent emails purportedly sent by a Complainant’s supervisor to customers who owed money to the Complainant in an attempt to have the customers settle those debts, which debts would be paid to the Respondent”.
Other banks or other financial institutions encountered similar situations, with domain names being used for fraudulent emails targeting their customers or the complainant’s employees that impersonated official company correspondence, such as:
- the case concerning the domain names <goldingcapitals.com> and <goldingscapital.com>, where the complaint was filed by Golding Capital Partners GmbH, an independent asset management firm based in Germany,
- the case concerning the domain name <avidlbank.com>, where the complaint was filed by Avidbank, a United States corporation offering business banking focused on commercial and industrial lending,
- the case concerning the domain name <alphacapitals.com>, where the complaint was filed by Alpha Capital Anstalt, Liechtenstein, a private investment firm that provides capital and guidance to emerging companies. The domain name was used both for a website creating the illusion that it is the Complainant’s website, and for an email fraud scheme, creating email addresses of individuals purportedly connected with the complainant, and contacting companies seeking for investors by pretending to be complainant,
- the case concerning the domain name <csileasiing.com>, where the complainant was CSI Leasing Mexico, operating in the financial and business leasing industry since 2002. The domain name was used “as part of a fraudulent email scheme targeting the Complainant’s corporate associates by impersonating the identity of one of the Complainant’s actual employees to request payment.”
Other Fraudulent Uses of Domain Names
- webpages with login details asking for personal information
Intrum AB Sweden, a credit management and financial services company founded in 1923, obtained transfer of several domain names targeting its trademark INTRUM. The domain names in dispute were used, inter alia, as a link in a text message requesting its recipient to proceed with an online payment, or to resolve to a website featuring a login page which requested personal information from the Internet users.
A similar situation was in the case concerning the domain name <moelis.vip>, where the complainant was Moelis & Company, a United States investment bank, where the domain name in dispute resolved to a login page inviting users to enter login details. The respondent was promoting the login page on its website, on YouTube and Telegram.
In another recent case, the complainant was Banque et Caisse d’Epargne de l’Etat (Luxembourg), and the domain name in dispute, <spuerkeess.info> resolved prior to the complaint to a webpage displaying the Complainant’s trademark and logo together with a phishing alert and providing a contact
phone number for users who suspect to have been a victim of a phishing attack.
Another recent case concerned the domain name <lplfinancialfreedom.net>, where the complainant, LPL Financial LLC (United States) obtained the transfer of the said domain name, which was used to redirect to “a parking website inviting Internet users to enter their email address to contact the website holder and to sign
up for email updates“.
- Malware distribution
Principal Financial Services Inc, a publicly-traded financial institution, obtained transfer of the domain name <principal-apps.com> that was used to resolve to a page that had two buttons which a user could click to download an Android or Iphone app. The panel found that the apparent distribution of malware represents evidence of bad faith registration and use.
- Pornographic websites
Oney Bank, a French company established in 1983 and specialized in consumer credit, electronic payments and payment card management, obtained transfer of the domain name <wwwoneyg3.net> that was used to resolve to a pornographic website including monetization through advertisements.
The panel found that “in this Panel’s view, the Respondent’s purpose of using the disputed domain name is to attract Internet users who are not looking for a pornographic website but are instead looking for products and/or services associated with the Complainant and its ONEY trademark. Therefore, the Panel holds that by using the disputed domain name, the Respondent has intentionally attempted to attract, for commercial gain, Internet users by creating a likelihood of confusion with the Complainant and its ONEY trademarks.”
- gambling
The Bank of Cyprus Public Company Limited obtained transfer of the domain name <bankofcyprus.ro> that was used to resolve “to a website displaying gambling contents and reproducing without authorization the dominant feature of the Complainant’s registered mark”.
- PPC pages
In a large number of cases, financial institutions file UDRP claims against domains used for parking pages containing pay-per-click links to banking related services.
For example, LPL Financial LLC (United States) obtained transfer of the domain name <lplinancial.com>, BankPlus (United States) obtained transfer of the domain name <bankpplus.net>, Principal Financial Services Inc. (United States) obtained transfer of the domain names <principal-financial.cfd>, <principal-financial-login.cfd>, <principal-retirement.cfd> and <principal-dental.cfd>, HGFC Bank Limited (India) obtained transfer of the domain name <hdfcinternational.com>.
- Inactive website
In a number of cases, well known financial institutions obtained transfer of domain names that were not actively used, as passive holding of domain names can be – and often are – held to represent bad faith registration and use. In some cases an additional factor is that the domain name in dispute is offered for sale for an amount exceeding registration costs.
As examples:
- Banque et Caisse d’Epargne de l’Etat (Luxembourg) obtained transfer of the domain name <bcee.skin>,
- Ares Management LLC (United States) obtained transfer of the domain name <ares-investments.com>,
- Confédération Nationale du Crédit Mutuel (France), obtained transfer of the domain name <creditmutuel-contact.com>, or in another case of the domain name <www-creditmutuel.com>,
- Belfius Bank SA (Belgium), obtained transfer of the domain name <www-belfiu-business-be.com>, in another case of the domain name <belfiusonline.org>, or in another case of the domain name <belfiusprivatebank.com>, that was offered for sale for the amount of USD 2,850.
- Zios Bancorporation, N.A. (United States), obtained transfer of the domain name <vectra-bank.digital>,
- Belfius Bank SA (Belgium), obtained transfer of the domain names <belfius-id.finance> and <belfius-id.help>,
- BPCE (France), obtained transfer of the domain name <caisse-epargne-protection.com>.
Final Remarks
The above case are only few recent examples of a large number of cases where financial institutions obtain quick remedy against cybersquatters using UDRP. This is key given the potential risks for fraud and harm to consumers, and their losing trust in the institution.
As correctly stated by a panel,
“since the Complainant’s line of business, which is providing financial services, is a strictly regulated space if the disputed domain name becomes functional and operative, it could deceive the general public to believe that the disputed domain name belongs to the Complainant and that this would, in turn, mislead consumers, divert them to the disputed domain name that does not belong to the Complainant, thereby leading to severe customer grievances and financial losses and this would also consequently tarnish the Complainant’s reputation and goodwill garnered in the market. This indeed is a valid concern of the Complainant that cannot be brushed aside, more so owing to the fact that in the recent past there has been an increasing trend of online financial scams and frauds where innocent Internet users are being duped of their money”.
