UBS AG v. William Ricaldo
Claim Number: FA2004001891124
Complainant is UBS AG (“Complainant”), represented by Patrick J. Jennings of Pillsbury Winthrop Shaw Pittman, LLP, United States. Respondent is William Ricaldo (“Respondent”), Spain.
REGISTRAR AND DISPUTED DOMAIN NAME
The domain name at issue is <ubsprivateclientsaccess.com>, registered with Shinjiru Technology Sdn Bhd.
The undersigned certifies that he has acted independently and impartially and to the best of his knowledge has no known conflict in serving as Panelist in this proceeding.
Charles A. Kuechenmeister, Panelist.
Complainant submitted a Complaint to the Forum electronically on April 6, 2020; the Forum received payment on April 6, 2020.
On April 6, 2020, Shinjiru Technology Sdn Bhd confirmed by e-mail to the Forum that the <ubsprivateclientsaccess.com> domain name (the Domain Name) is registered with Shinjiru Technology Sdn Bhd and that Respondent is the current registrant of the name. Shinjiru Technology Sdn Bhd has verified that Respondent is bound by the Shinjiru Technology Sdn Bhd registration agreement and has thereby agreed to resolve domain disputes brought by third parties in accordance with ICANN’s Uniform Domain Name Dispute Resolution Policy (the “Policy”).
On April 8, 2020, the Forum served the Complaint and all Annexes, including a Written Notice of the Complaint setting a deadline of April 28, 2020 by which Respondent could file a Response to the Complaint, via e-mail to all entities and persons listed on Respondent’s registration as technical, administrative, and billing contacts, and to postmaster@ubsprivateclientsaccess.com. Also on April 8, 2020, the Written Notice of the Complaint, notifying Respondent of the e-mail addresses served and the deadline for a Response, was transmitted to Respondent via post and fax to all entities and persons listed on Respondent’s registration as technical, administrative and billing contacts.
Having received no response from Respondent, the Forum transmitted to the parties a Notification of Respondent Default.
On April 30, 2020, pursuant to Complainant's request to have the dispute decided by a single-member Panel, the Forum appointed Charles A. Kuechenmeister as Panelist.
Having reviewed the communications records, the Administrative Panel (the "Panel") finds that the Forum has discharged its responsibility under Paragraph 2(a) of the Rules for Uniform Domain Name Dispute Resolution Policy (the "Rules") "to employ reasonably available means calculated to achieve actual notice to Respondent" through submission of Electronic and Written Notices, as defined in Rule 1 and Rule 2. Therefore, the Panel may issue its decision based on the documents submitted and in accordance with the ICANN Policy, ICANN Rules, the Forum's Supplemental Rules and any rules and principles of law that the Panel deems applicable, without the benefit of any response from Respondent.
Complainant requests that the Domain Name be transferred from Respondent to Complainant.
A. Complainant
Complainant is a financial services firm which provides a wide range of financial services, including banking, investment banking, securities brokerage services, and lending services. It has rights in the UBS mark based upon the registration with the United States Patent and Trademark Office (“USPTO”) (Reg. No. 2,851,071, registered June 8, 2004). The <ubsprivateclientsaccess.com> Domain Name is confusingly similar to Complainant’s mark as its dominant UBS element is identical to Complainant’s mark, and the remainder of the name consists of the generic words “private clients access” and the “.com” generic top-level domain (“gTLD”).
Respondent does not have rights or legitimate interests in the Domain Name. He is not licensed or authorized to use Complainant’s UBS mark and is not commonly known by the Domain Name. Additionally, Respondent is not using the Domain Name in connection with a bona fide offering of goods or services or for a legitimate noncommercial or fair use because the resolving web site impersonates Complainant in furtherance of a fraudulent phishing scheme.
Respondent registered and uses the Domain Name in bad faith. The resolving web site impersonates Complainant as part of a phishing scheme. Respondent’s Domain Name implies a close affiliation with Complainant but he has no relationship or connection with Complainant whatever. Finally, Respondent had constructive and actual knowledge of Complainant’s UBS mark when he registered the Domain Name.
B. Respondent
Respondent did not submit a Response in this proceeding.
Paragraph 15(a) of the Rules instructs this Panel to "decide a complaint on the basis of the statements and documents submitted in accordance with the Policy, these Rules and any rules and principles of law that it deems applicable."
Paragraph 4(a) of the Policy requires a complainant to prove each of the following three elements to obtain an order cancelling or transferring a domain name:
(1) the domain name registered by the respondent is identical or confusingly similar to a trademark or service mark in which the complainant has rights; and
(2) the respondent has no rights or legitimate interests in respect of the domain name; and
(3) the domain name has been registered and is being used in bad faith.
In view of Respondent's failure to submit a response, pursuant to paragraphs 5(f), 14(a) and 15(a) of the Rules the Panel will decide this administrative proceeding on the basis of Complainant's undisputed representations and draw such inferences it considers appropriate pursuant to paragraph 14(b) of the Rules. The Panel is entitled to accept all reasonable allegations set forth in a complaint. Nevertheless, the Panel may deny relief where a complaint contains mere conclusory or unsubstantiated arguments. eGalaxy Multimedia Inc. v. ON HOLD By Owner Ready To Expire, FA 157287 (Forum June 26, 2003) (“Because Complainant did not produce clear evidence to support its subjective allegations [. . .] the Panel finds it appropriate to dismiss the Complaint”), WIPO Overview of WIPO Panel Views on Selected UDRP Questions, Third Edition (WIPO Overview 3.0), at ¶ 4.3 (“In cases involving wholly unsupported and conclusory allegations advanced by the complainant, . . . panels may find that—despite a respondent’s default—a complainant has failed to prove its case.”).
The Panel finds as follows with respect to the matters at issue in this proceeding:
The UBS mark was registered to Complainant with the USPTO (Reg. No. 2,851,071) on June 8, 2004 (Complaint Annex 3). Complainant’s registration of its mark with the USPTO is sufficient to establish its rights in that mark for the purposes of Policy ¶ 4(a)(i). Haas Automation, Inc. v. Jim Fraser, FA 1627211 (Forum Aug. 4, 2015) (finding that Complainant’s USPTO registrations for the HAAS mark sufficently demonstrates its rights in the mark under Policy ¶ 4(a)(i)).
Respondent’s <ubsprivateclientsaccess.com> Domain Name is confusingly similar to Complainant’s UBS mark as the dominant portion of the name consists of the UBS mark and the remainder of it consists of the generic phrase “private client access” and the “.com” gTLD. These changes are not sufficient to distinguish the Domain Name from Complainant’s mark for the purposes of Policy ¶ 4(a)(i). Corporation v. philippe champain, FA 1636675 (Forum Oct. 13, 2015) (finding that geographic designations or terms descriptive of a complainant’s business operations do not remove a domain name from the realm of confusing similarity.), Trip Network Inc. v. Alviera, FA 914943 (Forum Mar. 27, 2007) (concluding that the affixation of a gTLD to a domain name is irrelevant to a Policy ¶ 4(a)(i) analysis). The WIPO Overview 3.0 at ¶ 1.7, states that the test for confusing similarity “typically involves a side-by-side comparison of the domain name and the textual components of the relevant trademark to assess whether the mark is recognizable within the domain name.” Notwithstanding the changes described above, Complainant’s mark is clearly recognizable within the Domain Name. Further, because the phrase “private client access” is closely associated with Complainant’s business, its presence in the Domain Name exacerbates its confusing similarity.
For the reasons set forth above, the Panel finds that the Domain Name is identical or confusingly similar to the UBS mark, in which Complainant has substantial and demonstrated rights.
If a complainant makes a prima facie case that the respondent lacks rights or legitimate interests in the domain name under Policy ¶ 4(a)(ii), the burden of production shifts to respondent to come forward with evidence that it has rights or legitimate interests in it. Neal & Massey Holdings Limited v. Gregory Ricks, FA 1549327 (Forum Apr. 12, 2014) (“Under Policy ¶ 4(a)(ii), Complainant must first make out a prima facie case showing that Respondent lacks rights and legitimate interests in respect of an at-issue domain name and then the burden, in effect, shifts to Respondent to come forward with evidence of its rights or legitimate interests”). If a respondent fails to come forward with such evidence, the complainant’s prima facie evidence will be sufficient to establish that respondent lacks such rights or legitimate interests. If the respondent does come forward with such evidence, the Panel must assess the evidence in its entirety. At all times, the burden of proof remains on the complainant. WIPO Overview 3.0, at ¶ 2.1.
Policy ¶ 4(c) lists the following three nonexclusive circumstances, any one of which if proven can demonstrate a respondent’s rights or legitimate interests in a domain name for the purposes of Policy ¶ 4(a)(ii):
(i) before any notice to the respondent of the dispute, the respondent has used or has made demonstrable preparations to use the domain name or a name corresponding to the domain name in connection with a bona fide offering of goods or services; or
(ii) the respondent (as an individual, business or other organization) has been commonly known by the domain name, even if the respondent has acquired no trademark or service mark rights; or
(iii) the respondent is making a legitimate noncommercial or fair use of the domain name, without intent for commercial gain to misleadingly divert consumers or to tarnish the trademark or service mark at issue.
Complainant asserts that Respondent has no rights or legitimate interests in the Domain Name because (i) Respondent is not commonly known by the Domain Name, (ii) Respondent is not associated with Complainant and Complainant has not licensed, authorized, or otherwise permitted Respondent to use its mark, (iii) Respondent is not using the Domain Name in connection with a bona fide offering of goods or services or for a legitimate noncommercial or fair use because the web site resolving from it impersonates Complainant and attempts to steal personal and financial information. These allegations are addressed as follows:
The WHOIS information furnished to the Forum by the registrar lists the registrant of the Domain Name as “William Ricaldo.” This name bears no resemblance to the Domain Name. Evidence could, of course, in a given case demonstrate that the respondent is commonly known by a domain name different from the name in which it registered the domain name, e.g., a domain name incorporating the brand name of a specific product offered by and associated with the respondent. In the absence of any such evidence, however, UDRP panels have consistently held that evidence of a registrant name which does not correspond with the domain name is sufficient to demonstrate that the respondent is not commonly known by the domain name. Guardair Corporation v. Pablo Palermo, FA1407001571060 (Forum Aug. 28, 2014) (holding that the respondent was not commonly known by the <guardair.com> domain name according to Policy ¶ 4(c)(ii), as the WHOIS information lists “Pablo Palermo” as registrant of the disputed domain name). Respondent has not been commonly known by the Domain Name for the purposes of Policy ¶ 4(c)(ii).
Complainant states that it has no relationship or association with Respondent and has never authorized or permitted Respondent to use its mark in any way. Complainant has specific competence to make this statement, and it is unchallenged by any evidence before the Panel. In the absence of evidence that a respondent is authorized to use a complainant’s mark in a domain name or that a respondent is commonly known by the disputed domain name, the respondent may be presumed to lack rights or legitimate interests in the domain name. IndyMac Bank F.S.B. v. Eshback, FA 830934 (Forum Dec. 7, 2006) (finding that the respondent failed to establish rights and legitimate interests in the <emitmortgage.com> domain name as the respondent was not authorized to register domain names featuring the complainant’s mark and failed to submit evidence that it is commonly known by the domain name), Indeed, Inc. v. Ankit Bhardwaj / Recruiter, FA 1739470 (Forum Aug. 3, 2017) (”Respondent lacks both rights and legitimate interests in respect of the at-issue domain name. Respondent is not authorized to use Complainant’s trademark in any capacity and, as discussed below, there are no Policy ¶ 4(c) circumstances from which the Panel might find that Respondent has rights or interests in respect of the at-issue domain name.”).
Complaint Annex 4 is a screenshot of the web site resolving from the Domain Name. At the top of the page are Complainant’s UBS word mark and registered logo, and the words “Welcome to UBS” and “Get best rates for your assets.” Below that are fields for the visitor to enter his or her access code and personal identification number, and a login box. This is clearly an attempt by Respondent, posing as Complainant, to obtain the visitor’s login ID and password for his or her accounts at Complainant’s bank. This is classic phishing, which is defined as a fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication (Wikipedia). Passing off as a complainant in furtherance of a phishing scheme is neither a bona fide offering of goods or services within the meaning of Policy ¶ 4(c)(i) nor a legitimate noncommercial or fair use within the meaning of Policy ¶ 4(c)(iii). DaVita Inc. v. Cynthia Rochelo, FA 1738034 (Forum July 20, 2017) (”Passing off in furtherance of a phishing scheme is not considered a bona fide offering of goods or services or legitimate noncommercial or fair use.”), Virtu Financial Operating, LLC v. Lester Lomax, FA1409001580464 (Forum Nov. 14, 2014) (finding that the respondent had failed to provide a bona fide offering of goods or services, or a legitimate noncommercial or fair use of the disputed domain name under Policy ¶ 4(c)(i) and Policy ¶ 4(c)(iii) where the respondent was using the disputed domain name to phish for Internet users’ personal information by offering a fake job posting on the resolving website).
Complainant has made its prima facie case. On the evidence presented, and in the absence of any evidence from Respondent, the Panel finds that Respondent has no rights or legitimate interests in the Domain Name.
Policy ¶ 4(b) sets forth a nonexclusive list of four circumstances, any one of which if proven would be evidence of bad faith use and registration of a domain name. They are as follows:
(i) circumstances indicating that the respondent has registered or acquired the domain name primarily for the purpose of selling, renting, or otherwise transferring the domain name registration to the complainant which is the owner of the trademark or service mark or to a competitor of that complainant, for valuable consideration in excess of the respondent’s documented out-of-pocket costs directly related to the domain name; or
(ii) the respondent has registered the domain name in order to prevent the owner of the trademark or service mark from reflecting the mark in a corresponding domain name, provided that the respondent has engaged in a pattern of such conduct; or
(iii) the respondent has registered the domain name primarily for the purpose of disrupting the business of a competitor; or
(iv) by using the domain name, the respondent has intentionally attempted to attract, for commercial gain, Internet users to the respondent’s web site or other on-line location, by creating a likelihood of confusion with the complainant’s mark as to the source, sponsorship, affiliation or endorsement of the respondent’s web site or location or of a product of service on the respondent ‘s web site or location.
The evidence of Respondent’s conduct discussed above in the rights or legitimate interests analysis also supports a finding of bad faith registration and use, based upon the foregoing grounds stated in the Policy and upon additional grounds adopted by UDRP panels over the years. First, Respondent is clearly using the Domain Name to attract, for commercial gain, Internet users to its web site by creating a likelihood of confusion with the Complainant’s mark as to the source, sponsorship, affiliation or endorsement of its web site, as described in Policy ¶ 4(b)(iv). The opportunity for commercial gain is obvious: Once Respondent obtains a login identity and pass code he is able to enter and raid the banking accounts Complainant’s customers. This was Respondent’s intent when he registered the Domain Name and continues to be his intent as he uses the Domain Name. It is clear evidence of bad faith.
As discussed above, Respondent is using the Domain Name to conduct a phishing scam. Policy ¶ 4(b) recognizes that mischief can assume many different forms and takes an open-ended approach to bad faith, listing some examples without attempting to enumerate all its varieties. Worldcom Exchange, Inc. v. Wei.com, Inc., WIPO Case No. D-2004-0955 (January 5, 2005), Bloomberg Finance L.P. v. Domain Admin - This Domain is For Sale on GoDaddy.com / Trnames Premium Name Services, FA 1714157 (Forum Mar. 8, 2017) (determining that Policy ¶ 4(b) provisions are merely illustrative of bad faith, and that the respondent’s bad faith may be demonstrated by other allegations of bad faith under the totality of the circumstances). The non-exclusive nature of Policy ¶ 4(b) allows for consideration of additional factors in an analysis for bad faith, and phishing has, in and of itself, been held to be evidence of bad faith registration and use. McKinsey & Company, Inc., and McKinsey Holdings, Inc. v. Privacy Protection, report abuse to / Registrar: DELTA-X Ltd., FA1409001580883 (Forum Oct. 25, 2014) (holding that the respondent had engaged in phishing, which is further evidence of bad faith registration and use pursuant to Policy ¶ 4(a)(iii), when the respondent used the disputed domain name in an attempt to obtain Internet users’ personal information including their driver’s license number and name).
Next, Respondent registered and is using the Domain Name, which incorporates the UBS mark verbatim, but as discussed above he has no connection with that mark or its owner, the Complainant. Given the nonexclusive nature of Policy ¶ 4(b), the use of a domain name that is confusingly similar to a trademark with which the respondent has no connection has frequently been held to be evidence of opportunistic bad faith. Kraft Foods (Norway) v. Wide, D2000-0911 (WIPO Sept. 23, 2000) (“[T]he fact that Respondent chosen [sic] to register a well-known mark to which [it] has no connections or rights indicates that [it] was in bad faith when registering the domain name at issue.”), Google LLC v. Noboru Maruyama / Personal, FA 2001001879162 (Forum March 3, 2020) (“the registration and use of domain name that is confusingly similar to a trademark with which the respondent has no connection has frequently been held to be evidence of bad faith.”).
Finally, Complainant asserts that Respondent had constructive or actual knowledge of Complainant and its UBS mark when he registered the Domain Name. Arguments of bad faith based on constructive notice are not well-taken, as UDRP panels have most frequently declined to find bad faith based upon constructive knowledge. The Way Int'l, Inc. v. Diamond Peters, D2003-0264 (WIPO May 29, 2003) ("As to constructive knowledge, the Panel takes the view that there is no place for such a concept under the Policy."). Nevertheless, it is evident that Respondent had actual knowledge of Complainant and its mark when he registered the Domain Name. Complainant’s UBS mark has been used by it in commerce since 1998 (Complaint Annex 3) and is known throughout the world (Complaint Annex 2). Respondent copied that mark verbatim into the Domain Name, and affirmatively poses as Complainant on his web site. Given the non-exclusive nature of Policy ¶ 4(b), registering a confusingly similar domain name with actual knowledge of a complainant’s rights in its mark has often been held to be evidence of bad faith registration and use for the purposes of Policy ¶ 4(a)(iii). Univision Comm'cns Inc. v. Norte, FA 1000079 (Forum Aug. 16, 2007) (rejecting the respondent's contention that it did not register the disputed domain name in bad faith since the panel found that the respondent had knowledge of the complainant's rights in the UNIVISION mark when registering the disputed domain name).
For the reasons set forth above, the Panel finds that Respondent registered and is using the Domain Name in bad faith within the meaning of Policy ¶ 4(a)(iii).
Complainant having established all three elements required under the ICANN Policy, the Panel concludes that relief shall be GRANTED.
Accordingly, it is Ordered that the <ubsprivateclientaccess.com> Domain Name be TRANSFERRED from Respondent to Complainant.
Charles A. Kuechenmeister, Panelist
May 1, 2020
Click Here to return to the main Domain Decisions Page.
Click Here to return to our Home Page