FACTS ASSERTED BY THE COMPLAINANT AND NOT CONTESTED BY THE RESPONDENT:
The Complainant TEVA PHARMACEUTICAL INDUSTRIES LTD. (“Complainant,” together with its subsidiaries, collectively, “Teva” or the “Teva Group”).
The Complainant states that when the proceeding was initiated, Whois Privacy Protection Service (eNom's backend service provider for proxy registration services) was the domain holder. A "proxy service" is a service through which a registered name holder licenses use of a registered name to the privacy/proxy customer in order to provide such customer use of the domain name, and the registered name holder's contact information is displayed in the Whois, rather than the privacy/proxy customer's contact information.
During the registrar verification process with eNom, however, it became clear that the beneficiary/customer/licensee of Whois Privacy Protection Service (defined in the 2013 as the "P/P Customer") use the account "cuvert.robert@gmail.com" to submit the registration request in the name of "Drew Lewis" in California, USA, but that according to historical Whois records (e.g., Annex 6, at BN29M-BN29P), the account "cuvert.robert@gmail.com" (the email address of the P/P customer) has also been used to register domain names in the name of "Cuvert Robert" in Front Royal, Great Britain, and "Edie Gross" in New York, USA. Therefore, the Complainant is reluctant to identify the Respondent (domain holder) by the name submitted to the proxy service by the P/P Customer because it may be an innocent persons' identity that was being misused to register the domain name.
Trademark/Service Mark Information:
Teva is a leading global pharmaceutical company, committed to increasing access to high-quality healthcare by developing, producing and marketing affordable generic drugs as well as innovative and specialty pharmaceuticals and active pharmaceutical ingredients. Headquartered in Israel, Teva is the world's leading generic drug maker, with a global product portfolio of more than 1,000 molecules and a direct presence in approximately 60 countries. Its specialty medicines businesses focus on central nervous system, respiratory, oncology, pain, and women's health therapeutic areas as well as biologics. The Teva Group currently employs approximately 45,000 people around the world and reached $20.3 billion in net revenues in 2013.
The disputed domain name was registered on January 19, 2015.
Well before the disputed domain was registered, the Complainant has been continuously the registered proprietor of the trademark TEVA in numerous countries, including in the United States of America, the location of the proxy service that the Respondent used to register the disputed domain name. Therefore, the Complainant is of the opinion it has established rights in its registered trademark under the Policy as of at least the filing date of its U.S. registration.
1. Confusing similarity.
According to the Complainant the disputed domain name is confusingly similar to the TEVA mark in which the Complainant has rights.
2. Rights to or Legitimate Interests.
The Complainant states the Respondent has no right to or legitimate interests in using the disputed domain name for cybercriminal activities consisting of phishing attacks on its own team members (or on anyone outside of the Teva Group).
While the disputed domain name has not yet been used to Complainant's knowledge to re-direct or host a phishing website per se, use of the dispute domain name as part of phishing email campaign (as opposed to a phishing website) to compromise corporate credit card information is no more of a legitimate interest than re-directing the domain name to a phishing website, or hosting a phishing site on the domain name. Until it was temporarily suspended by eNom after initiation of the proceeding, a reply to the email account hosted on the domain name was actually (unless disrupted already by Complainant) routed to the Respondent, and the mailbox constitutes an online location. Unless transferred, the Respondent can transfer the domain to another registrar and re-implement the phishing attack via other providers.
3. Registered and used in Bad Faith.
According to the Complainant the domain was registered with the malicious intent of profiting by disrupting Teva's business, specifically by spoofing its identity in executing phishing attacks within the Teva Group. Phishing is a criminal mechanism employing both social engineering and technical subterfuge to steal personal identity data and financial account credentials. The Respondent employed social engineering by pretending to be the head of talent acquisition within the U.S. subsidiary of the Teva Group. The Respondent employed technical subterfuge by using an email account "drew.lewis@us-teva.com" and using the disputed domain name to send emails attacking Teva team members with fraudulent travel requests in order to compromise corporate credit card information.
Respondent’s motive is to cash in on personal data obtained through cybercriminal activities. While any possible criminal aspect lies beyond the scope of the UDRP, use of a domain name to execute email phishing attacks is clearly a violation of the bad faith registration. There is also a deliberate attempt to use false contact information, which has at times been found to be grounds for bad faith use and registration under the Policy. The evidence on false contact information is additional grounds for bad faith registration and use in this case. Id. While this is not one of the enumerated grounds for bad faith under the Policy in paragraphs 4(b)(i-iv), paragraph 15(a) of the Rules gives the Panel the authority to find additional bad faith grounds where appropriate.
Therefore, Complainant has discharged its burden of proof under paragraph 4(a)(iii) of the Policy to show that the Respondent has registered and is using the disputed domain name in bad faith.
|