| Case number | CAC-UDRP-103084 |
|---|---|
| Time of filing | 2020-05-25 16:10:36 |
| Domain names | trypepsi.com |
Case administrator
| Name | Šárka Glasslová (Case admin) |
|---|
Complainant
| Organization | PepsiCo, Inc. |
|---|
Complainant representative
| Organization | RiskIQ, Inc. c/o Jonathan Matkowsky |
|---|
Respondent
| Organization | Classy Creations |
|---|
Other Legal Proceedings
The Panel is not aware of any pending or decided proceedings related to the disputed domain name.
Identification Of Rights
The Complainant is the owner of various trademark registrations, such as :
• The U.S. word trademark No. 1317551, PEPSI, registered on February 5, 1985 in classes 04, 06, 09, 11, 14, 16, 18, 20, 21, 24, 25, 26 and 28.
• The U.S semi-figurative trademark No.3026568, PEPSICO, registered on December 13, 2005, in classes 16, 18 and 25.
• The European Union word trademark No. 000105247, PEPSI, registered on October 28, 1998 in classes 25 and 32.
• The Mexican Trademark No. 950496, PEPSICO, registered on August 29, 2006 in class 32.
The Complainant is the owner of various domain names, including:
• <pepsi.com> created on January 14, 1993.
• <pepsico.com> created on October 19, 1993.
• <mypepsico.com> created on July 1, 2003.
The disputed domain name is:
<trypepsi.com> created on April 20, 2020.
The Complainant contends that the disputed domain name is used for phishing practices, in order to collect personal and sensitive banking data.
• The U.S. word trademark No. 1317551, PEPSI, registered on February 5, 1985 in classes 04, 06, 09, 11, 14, 16, 18, 20, 21, 24, 25, 26 and 28.
• The U.S semi-figurative trademark No.3026568, PEPSICO, registered on December 13, 2005, in classes 16, 18 and 25.
• The European Union word trademark No. 000105247, PEPSI, registered on October 28, 1998 in classes 25 and 32.
• The Mexican Trademark No. 950496, PEPSICO, registered on August 29, 2006 in class 32.
The Complainant is the owner of various domain names, including:
• <pepsi.com> created on January 14, 1993.
• <pepsico.com> created on October 19, 1993.
• <mypepsico.com> created on July 1, 2003.
The disputed domain name is:
<trypepsi.com> created on April 20, 2020.
The Complainant contends that the disputed domain name is used for phishing practices, in order to collect personal and sensitive banking data.
Factual Background
FACTS ASSERTED BY THE COMPLAINANT AND NOT CONTESTED BY THE RESPONDENT:
Pepsico, Inc. (the Complainant) is a famous international company which has been used to produce soft drinks since 1911 and is well-known in more than 200 countries. The Complainant generated 64 billion dollars in 2018 and it asserts that it owns nine hundred active registrations for PEPSI-variant brands that includes PEPSI-COLA, PEPSI and PEPSICO, which are well known and famous trademarks associated in the public mind with the Complainant's business
PEPSI is known by consumers as a shortened version of the “PEPSI-COLA" mark that first denoted PepsiCo's soft drinks in 1898.
The Complainant explains that the PEPSI Trademark is famous and in particular properly classified in several international’s classifications including the best global brands 2019 rankings which demonstrates the notoriety of the brand.
It asserts that the disputed domain name is used for a harmful cyber activity consisting of phishing and malware. Specifically, on May 11, 2020, a directory of Chase bank phishing materials was configured on the disputed domain name. A user is prompted to enter the Chase bank username and password.
The website on the domain uses social engineering and technical subterfuge to lull users to this page by telling them that they need to click "Message Received" to verify their identity under the U.S. Patriot Act or their account will remain inactive and no transactions will be permitted impersonating the JPMorgan Chase Bank COO.
The domain was also observed being used in connection with malware distribution in the form of a defacement trojan.
The Complainant explains that, In the live re-directs, the second to last image fetches an image from Blogger. A demonstrative of the landing page on the disputed domain with the message it has been hacked in included; audio is fetched from an mp3 file. Other websites fetched from the same host where the mp3 file is located include a site defaced on another well-known bank in the form of a subdomain and the same Javascript code that is fetched from the disputed domain name has been observed fetching pornographic materials (the domain re-directs to pornography) and to an Apple login phishing page. The Apple login may no longer be active because it is being reported prior to submission of the complaint. Other domains registered with the same email account also host defacement materials, presumably to distribute defacement trojans. For instance, the domain <jacqleengrace.com> is registered with the same mail account as the disputed domain name.
The Complainant requests the transfer of the disputed domain name.
Pepsico, Inc. (the Complainant) is a famous international company which has been used to produce soft drinks since 1911 and is well-known in more than 200 countries. The Complainant generated 64 billion dollars in 2018 and it asserts that it owns nine hundred active registrations for PEPSI-variant brands that includes PEPSI-COLA, PEPSI and PEPSICO, which are well known and famous trademarks associated in the public mind with the Complainant's business
PEPSI is known by consumers as a shortened version of the “PEPSI-COLA" mark that first denoted PepsiCo's soft drinks in 1898.
The Complainant explains that the PEPSI Trademark is famous and in particular properly classified in several international’s classifications including the best global brands 2019 rankings which demonstrates the notoriety of the brand.
It asserts that the disputed domain name is used for a harmful cyber activity consisting of phishing and malware. Specifically, on May 11, 2020, a directory of Chase bank phishing materials was configured on the disputed domain name. A user is prompted to enter the Chase bank username and password.
The website on the domain uses social engineering and technical subterfuge to lull users to this page by telling them that they need to click "Message Received" to verify their identity under the U.S. Patriot Act or their account will remain inactive and no transactions will be permitted impersonating the JPMorgan Chase Bank COO.
The domain was also observed being used in connection with malware distribution in the form of a defacement trojan.
The Complainant explains that, In the live re-directs, the second to last image fetches an image from Blogger. A demonstrative of the landing page on the disputed domain with the message it has been hacked in included; audio is fetched from an mp3 file. Other websites fetched from the same host where the mp3 file is located include a site defaced on another well-known bank in the form of a subdomain and the same Javascript code that is fetched from the disputed domain name has been observed fetching pornographic materials (the domain re-directs to pornography) and to an Apple login phishing page. The Apple login may no longer be active because it is being reported prior to submission of the complaint. Other domains registered with the same email account also host defacement materials, presumably to distribute defacement trojans. For instance, the domain <jacqleengrace.com> is registered with the same mail account as the disputed domain name.
The Complainant requests the transfer of the disputed domain name.
Parties Contentions
NO ADMINISTRATIVELY COMPLIANT RESPONSE HAS BEEN FILED.
PARTIES' CONTENTIONS:
COMPLAINANT:
The Complainant submits that the disputed domain name <trypepsi.com> is confusingly similar to its PEPSI and PEPSICO trademarks.
The descriptive word "try" does nothing to distinguish the disputed domain name from the well-known trademark PEPSI as this mark is associated in the public mind with Complainant's business. "The top level domain “.com” is to be neglected in this respect.". Therefore, the disputed domain name is confusingly similar to the Complainant’s trademark PEPSI, which the Complainant has rights in accordance with paragraph 4(a)(i) of the Policy.
The Complainant submits that the Respondent has no rights or legitimate interests in respect of the disputed domain name.
It asserts that the Respondent is not licensed or otherwise authorized to use the Complainant´s mark in any way, and Complainant has not given Respondent permission to use its mark in the disputed domain name. Respondent is not commonly known by the disputed domain name nor had demonstrated that it has rights or legitimate interests in the disputed domain name.
Furthermore, the Complainant adds that it has various and ancient trademarks and in particular PEPSI which is very famous, in such a way that the Respondent could not register the disputed domain name without knowledge of the Complainant’s fame, name and activities.
The Complainant submits that the Respondent registered the disputed domain and it is being used for a harmful cyber activity consisting of phishing and malware distribution.
The Complainant relies on a prior UDRP Decision 102290, to assert that the Respondent has no rights or legitimate interest in respect of the disputed domain name because it is used for illegal activity.
The Complainant contends that the Respondent registered and is using the disputed domain name in bad faith.
It relies on a prior UDRP Decision 101999. According to this decision: “The mere registration of a domain name...incorporating the mark plus a descriptive term to a famous or widely-known trademark by an unaffiliated entity creates a presumption of bad faith."
The Complainant asserts that the Respondent has intentionally attempted to attract, for commercial gain, internet users to its website by creating a likelihood of confusion with the Complainant's marks as to the source, sponsorship, affiliation, or endorsement of this website and the products advertised on it, irrespective of the fact that such “products” are fraudulent.
Under these circumstances, Complainant submits that it has satisfied all three elements of the Policy.
PARTIES' CONTENTIONS:
COMPLAINANT:
The Complainant submits that the disputed domain name <trypepsi.com> is confusingly similar to its PEPSI and PEPSICO trademarks.
The descriptive word "try" does nothing to distinguish the disputed domain name from the well-known trademark PEPSI as this mark is associated in the public mind with Complainant's business. "The top level domain “.com” is to be neglected in this respect.". Therefore, the disputed domain name is confusingly similar to the Complainant’s trademark PEPSI, which the Complainant has rights in accordance with paragraph 4(a)(i) of the Policy.
The Complainant submits that the Respondent has no rights or legitimate interests in respect of the disputed domain name.
It asserts that the Respondent is not licensed or otherwise authorized to use the Complainant´s mark in any way, and Complainant has not given Respondent permission to use its mark in the disputed domain name. Respondent is not commonly known by the disputed domain name nor had demonstrated that it has rights or legitimate interests in the disputed domain name.
Furthermore, the Complainant adds that it has various and ancient trademarks and in particular PEPSI which is very famous, in such a way that the Respondent could not register the disputed domain name without knowledge of the Complainant’s fame, name and activities.
The Complainant submits that the Respondent registered the disputed domain and it is being used for a harmful cyber activity consisting of phishing and malware distribution.
The Complainant relies on a prior UDRP Decision 102290, to assert that the Respondent has no rights or legitimate interest in respect of the disputed domain name because it is used for illegal activity.
The Complainant contends that the Respondent registered and is using the disputed domain name in bad faith.
It relies on a prior UDRP Decision 101999. According to this decision: “The mere registration of a domain name...incorporating the mark plus a descriptive term to a famous or widely-known trademark by an unaffiliated entity creates a presumption of bad faith."
The Complainant asserts that the Respondent has intentionally attempted to attract, for commercial gain, internet users to its website by creating a likelihood of confusion with the Complainant's marks as to the source, sponsorship, affiliation, or endorsement of this website and the products advertised on it, irrespective of the fact that such “products” are fraudulent.
Under these circumstances, Complainant submits that it has satisfied all three elements of the Policy.
Rights
Paragraph 4(a)(i) of the Policy requires a Complainant to show that a domain name is identical or confusingly similar to a trademark or service mark in which the Complainant has rights.
The Complainant has submitted evidence of its prior registered PEPSI trademark which are protected in the U.S., in the EU, as well of its prior PEPSICO trademarks which are protected in the U.S. and in Mexico.
The numerous trademarks composed with PEPSI or PEPSICO are not taken into account to decide on this case.
A mere list of trademarks on 119 pages is not relevant to prove prior rights on the listed trademarks, even when the owner is worldwide well-known.
The disputed domain name entirely incorporates the Complainant’s worldwide well-known PEPSI trademark.
The addition of the descriptive term “try” does not exclude any likelihood of confusion.
The confusing similarity is neither affected by the extension “.com” since it is a technical necessity in the use of internet.
The Complainant has, to the satisfaction of the Panel, shown the disputed domain name is identical or confusingly similar to a trademark or service mark in which the Complainant has rights (within the meaning of paragraph 4(a)(i) of the Policy).
The Complainant has submitted evidence of its prior registered PEPSI trademark which are protected in the U.S., in the EU, as well of its prior PEPSICO trademarks which are protected in the U.S. and in Mexico.
The numerous trademarks composed with PEPSI or PEPSICO are not taken into account to decide on this case.
A mere list of trademarks on 119 pages is not relevant to prove prior rights on the listed trademarks, even when the owner is worldwide well-known.
The disputed domain name entirely incorporates the Complainant’s worldwide well-known PEPSI trademark.
The addition of the descriptive term “try” does not exclude any likelihood of confusion.
The confusing similarity is neither affected by the extension “.com” since it is a technical necessity in the use of internet.
The Complainant has, to the satisfaction of the Panel, shown the disputed domain name is identical or confusingly similar to a trademark or service mark in which the Complainant has rights (within the meaning of paragraph 4(a)(i) of the Policy).
No Rights or Legitimate Interests
Pursuant to paragraph 4(c) of the Policy, the Respondent may establish rights or legitimate interests in the domain name by demonstrating any of the following:
(i) before any notice to it of the dispute, the Respondent’s use of, or demonstrable preparations to use, the domain name or a name corresponding to the domain name in connection with a bona fide offering of goods or services; or
(ii) the Respondent has been commonly known by the domain name, even if it has acquired no trademark or service mark rights; or
(iii) the Respondent is making a legitimate non-commercial or fair use of the domain name, without intent for commercial gain, to misleadingly divert consumers, or to tarnish the trademark or service mark at issue.
The Respondent did not respond to the Complaint. Consequently, it did not provide any evidence or allege any circumstance to establish that it has rights or legitimate interests in the disputed domain name.
The Respondent is not related in any way with the Complainant and the Complainant has not given to the Respondent the permission to use its trademarks in the disputed domain name.
Furthermore, there is no indication that the Respondent is commonly known by the term “PEPSI” or “PEPSICO”, or that the Respondent is using the disputed domain name in connection with a bona fide offering of goods or services.
The Respondent used the disputed domain name for phishing practices, to collect personal and sensitive data.
So the Complainant establishes a prima facie case that the disputed domain name was registered for purposes of carrying out phishing practices. Such use is neither bona fide nor a legitimate noncommercial fair use
The consensus of previous decisions under the Policy is that a Complainant may establish this element by making out a prima facie case, not rebutted by the Respondent, that the Respondent has no rights or legitimate interests in a domain name.
Where the Panel finds that a Complainant has made out such a prima facie case, the burden of production shifts to the Respondent to bring forward evidence of such rights or legitimate interests.
In the present case, the Panel is of the view that the Complainant has made out a prima facie case that the Respondent has no rights or legitimate interests in the disputed domain name.
The Complainant has, to the satisfaction of the Panel, shown the Respondent to have no rights or legitimate interests in respect of the disputed domain name (within the meaning of paragraph 4(a)(ii)of the Policy).
(i) before any notice to it of the dispute, the Respondent’s use of, or demonstrable preparations to use, the domain name or a name corresponding to the domain name in connection with a bona fide offering of goods or services; or
(ii) the Respondent has been commonly known by the domain name, even if it has acquired no trademark or service mark rights; or
(iii) the Respondent is making a legitimate non-commercial or fair use of the domain name, without intent for commercial gain, to misleadingly divert consumers, or to tarnish the trademark or service mark at issue.
The Respondent did not respond to the Complaint. Consequently, it did not provide any evidence or allege any circumstance to establish that it has rights or legitimate interests in the disputed domain name.
The Respondent is not related in any way with the Complainant and the Complainant has not given to the Respondent the permission to use its trademarks in the disputed domain name.
Furthermore, there is no indication that the Respondent is commonly known by the term “PEPSI” or “PEPSICO”, or that the Respondent is using the disputed domain name in connection with a bona fide offering of goods or services.
The Respondent used the disputed domain name for phishing practices, to collect personal and sensitive data.
So the Complainant establishes a prima facie case that the disputed domain name was registered for purposes of carrying out phishing practices. Such use is neither bona fide nor a legitimate noncommercial fair use
The consensus of previous decisions under the Policy is that a Complainant may establish this element by making out a prima facie case, not rebutted by the Respondent, that the Respondent has no rights or legitimate interests in a domain name.
Where the Panel finds that a Complainant has made out such a prima facie case, the burden of production shifts to the Respondent to bring forward evidence of such rights or legitimate interests.
In the present case, the Panel is of the view that the Complainant has made out a prima facie case that the Respondent has no rights or legitimate interests in the disputed domain name.
The Complainant has, to the satisfaction of the Panel, shown the Respondent to have no rights or legitimate interests in respect of the disputed domain name (within the meaning of paragraph 4(a)(ii)of the Policy).
Bad Faith
Paragraph 4(b) of the Policy sets out examples of circumstances that will be considered by a panel to be evidence of bad faith registration and use of a domain name. It provides that:
“For the purposes of paragraph 4(a)(iii), the following circumstances, in particular but without limitation, if found by the Panel to be present, shall be evidence of the registration and use of a domain name in bad faith:
(i) circumstances indicating that the Respondent has registered or the Respondent has acquired the domain name primarily for the purpose of selling, renting, or otherwise transferring the domain name registration to the Complainant who is the owner of the trademark or service mark or to a competitor of that Complainant, for valuable consideration in excess of the Respondent’s documented out-of-pocket costs directly related to the domain name; or
(ii) the Respondent has registered the domain name in order to prevent the owner of the trademark or service mark from reflecting the mark in a corresponding domain name, provided that the Respondent has engaged in a pattern of such conduct; or
(iii) the Respondent has registered the domain name primarily for the purpose of disrupting the business of a competitor; or
(iv) by using the domain name, the Respondent has intentionally attempted to attract, for commercial gain, Internet users to your website or other on-line location, by creating a likelihood of confusion with the Complainant’s mark as to the source, sponsorship, affiliation, or endorsement of the Respondent’s website or location or of a product or service on the Respondent’s website or location.”
Using the disputed domain name that incorporates the famous PEPSI trademarks may have contributed to improve the ranking of the website related to the Chase Bank and dedicated to phishing practices.
Given the illegal use of the disputed domain name for phishing practices, to collect personal and banking data, using the fame of the PEPSI worldwide well-known trademark, the Panel finds that the Respondent was well aware of the Complainant’s rights in the PEPSI trademark when it registered the disputed domain name.
The Respondent could not register the disputed domain name without knowledge of the Complainant’s fame, name and activities.
The mere registration of a domain name incorporating the trade mark plus a descriptive term, creates a presumption of bad faith because it may be inferred that the Respondent, at the time it registered the disputed domain name, knew of the Complainant's exclusive rights in the well-known PEPSI trademarks and thus the Respondent registered it in bad faith.
The sole use of the disputed domain name for phishing practices is a proof of bad faith use.
Therefore, the Panel finds that the disputed domain name was registered and used in bad faith with the Complainant in mind, to disrupt the Complainant’s activities, by creating a likelihood of confusion with the Complainant’s PEPSI and PEPSICO trademarks.
The Respondent’s registration and use of the confusingly similar disputed domain name is the Respondent’s attempt to intentionally attract, for commercial gain, internet users to its website or other online location and is thus evidence of the Respondent’s bad faith.
The Complainant has, to the satisfaction of the Panel, shown the disputed domain name has been registered and is being used in bad faith (within the meaning of paragraph 4(a)(iii) of the Policy).
“For the purposes of paragraph 4(a)(iii), the following circumstances, in particular but without limitation, if found by the Panel to be present, shall be evidence of the registration and use of a domain name in bad faith:
(i) circumstances indicating that the Respondent has registered or the Respondent has acquired the domain name primarily for the purpose of selling, renting, or otherwise transferring the domain name registration to the Complainant who is the owner of the trademark or service mark or to a competitor of that Complainant, for valuable consideration in excess of the Respondent’s documented out-of-pocket costs directly related to the domain name; or
(ii) the Respondent has registered the domain name in order to prevent the owner of the trademark or service mark from reflecting the mark in a corresponding domain name, provided that the Respondent has engaged in a pattern of such conduct; or
(iii) the Respondent has registered the domain name primarily for the purpose of disrupting the business of a competitor; or
(iv) by using the domain name, the Respondent has intentionally attempted to attract, for commercial gain, Internet users to your website or other on-line location, by creating a likelihood of confusion with the Complainant’s mark as to the source, sponsorship, affiliation, or endorsement of the Respondent’s website or location or of a product or service on the Respondent’s website or location.”
Using the disputed domain name that incorporates the famous PEPSI trademarks may have contributed to improve the ranking of the website related to the Chase Bank and dedicated to phishing practices.
Given the illegal use of the disputed domain name for phishing practices, to collect personal and banking data, using the fame of the PEPSI worldwide well-known trademark, the Panel finds that the Respondent was well aware of the Complainant’s rights in the PEPSI trademark when it registered the disputed domain name.
The Respondent could not register the disputed domain name without knowledge of the Complainant’s fame, name and activities.
The mere registration of a domain name incorporating the trade mark plus a descriptive term, creates a presumption of bad faith because it may be inferred that the Respondent, at the time it registered the disputed domain name, knew of the Complainant's exclusive rights in the well-known PEPSI trademarks and thus the Respondent registered it in bad faith.
The sole use of the disputed domain name for phishing practices is a proof of bad faith use.
Therefore, the Panel finds that the disputed domain name was registered and used in bad faith with the Complainant in mind, to disrupt the Complainant’s activities, by creating a likelihood of confusion with the Complainant’s PEPSI and PEPSICO trademarks.
The Respondent’s registration and use of the confusingly similar disputed domain name is the Respondent’s attempt to intentionally attract, for commercial gain, internet users to its website or other online location and is thus evidence of the Respondent’s bad faith.
The Complainant has, to the satisfaction of the Panel, shown the disputed domain name has been registered and is being used in bad faith (within the meaning of paragraph 4(a)(iii) of the Policy).
Procedural Factors
The Panel is satisfied that all procedural requirements under UDRP were met and there is no other reason why it would be inappropriate to provide a decision.
Principal Reasons for the Decision
The disputed domain name entirely incorporates the Complainant’s worldwide well-known PEPSI trademark.
The addition of the descriptive term “try” does not exclude any likelihood of confusion.
The Respondent used the disputed domain name for phishing practices, to collect personal and sensitive data.
So the Complainant establishes a prima facie case that the disputed domain name was registered for purposes of carrying out phishing practices. Such use is neither bona fide nor a legitimate noncommercial fair use.
The Respondent could not register the disputed domain name without knowledge of the Complainant’s fame, name and activities.
The mere registration of a domain name incorporating the trade mark plus a descriptive term, creates a presumption of bad faith because it may be inferred that the Respondent, at the time it registered the disputed domain name, knew of the Complainant's exclusive rights in the well-known PEPSI trademarks and thus the Respondent registered it in bad faith.
The sole use of the disputed domain name for phishing practices is a proof of bad faith use.
The addition of the descriptive term “try” does not exclude any likelihood of confusion.
The Respondent used the disputed domain name for phishing practices, to collect personal and sensitive data.
So the Complainant establishes a prima facie case that the disputed domain name was registered for purposes of carrying out phishing practices. Such use is neither bona fide nor a legitimate noncommercial fair use.
The Respondent could not register the disputed domain name without knowledge of the Complainant’s fame, name and activities.
The mere registration of a domain name incorporating the trade mark plus a descriptive term, creates a presumption of bad faith because it may be inferred that the Respondent, at the time it registered the disputed domain name, knew of the Complainant's exclusive rights in the well-known PEPSI trademarks and thus the Respondent registered it in bad faith.
The sole use of the disputed domain name for phishing practices is a proof of bad faith use.
For all the reasons stated above, the Complaint is
Accepted
and the disputed domain name(s) is (are) to be
- TRYPEPSI.COM: Transferred
PANELLISTS
| Name | Marie-Emmanuelle Haas, Avocat |
|---|
Date of Panel Decision
2020-07-07
Publish the Decision