Decision for dispute CAC-UDRP-103763

The Panel is not aware of any other legal proceedings which are pending or decided and which relate to the disputed domain name.

The Complainant has evidenced to be the owner of the following trademark registrations:

- International trademark registration n. 920896 “INTESA SANPAOLO”, granted on March 7, 2007, and duly renewed, with protection in classes 9, 16, 35, 36, 41 and 42;

- EU trademark registration n. 5301999 “INTESA SANPAOLO”, granted on June 18, 2007, and duly renewed, with protection in classes 35, 36 and 38;

- EU trademark registration n. 12247979 “INTESA”, granted on March 5, 2014, and duly renewed, with protection in classes 9, 16, 35, 36, 38, 41 and 42.

FACTS ASSERTED BY THE COMPLAINANT AND NOT CONTESTED BY THE RESPONDENT:

THE DISPUTED DOMAIN NAME IS IDENTICAL OR CONFUSINGLY SIMILAR TO A TRADEMARK OR SERVICE MARK IN WHICH THE COMPLAINANT HAS RIGHTS

The Complainant is the leading Italian banking group and also one of the protagonists in the European financial arena. Intesa Sanpaolo is the company resulting from the merger (effective as of January 1, 2007) between Banca Intesa S.p.A. and Sanpaolo IMI S.p.A., two of the top Italian banking groups.

Intesa Sanpaolo is among the top banking groups in the euro zone, with a market capitalisation exceeding 44,9 billion euro, and the undisputed leader in Italy, in all business areas (retail, corporate and wealth management). Thanks to a network of approximately 5,300 branches capillary and well distributed throughout the Country, with market shares of more than 21% in most Italian regions, the Group offers its services to approximately 14,7 million customers. Intesa Sanpaolo has a strong presence in Central-Eastern Europe with a network of approximately 1.000 branches and over 7,1 million customers. Moreover, the international network specialised in supporting corporate customers is present in 26 countries, in particular in the Mediterranean area and those areas where Italian companies are most active, such as the United States, Russia, China and India.

Moreover, the Complainant is also the owner, among the others, of the following domain names bearing the signs “INTESA SANPAOLO” and “INTESA”: INTESASANPAOLO.COM, .ORG, .EU, .INFO, .NET, .BIZ, INTESA-SANPAOLO.COM, .ORG, .EU, .INFO, .NET, .BIZ and INTESA.COM, INTESA.INFO, INTESA.BIZ, INTESA.ORG, INTESA.US, INTESA.EU, INTESA.CN, INTESA.IN, INTESA.CO.UK, INTESA.TEL, INTESA.NAME, INTESA.XXX, INTESA.ME. All of them are now connected to the official website http://www.intesasanpaolo.com.

On April 30, 2020, the Respondent registered the domain name <INTESASAN-ON-LINE-IT.COM>.

The domain name at issue is identical, or – at least – confusingly similar, to the Complainant’s trademarks “INTESA SANPAOLO” and “INTESA”. As a matter of fact, INTESASAN-ON-LINE-IT.COM exactly reproduces the well-known trademark “INTESA SANPAOLO”, with the mere omission of the mark’s verbal portion “PAOLO” and the addition of the expression “ON LINE” and of the acronym “IT” (which represents the abbreviation of the geographical term "ITALY", the country in which is located Intesa Sanpaolo's headquarters).


THE RESPONDENT HAS NO RIGHTS OR LEGITIMATE INTERESTS IN RESPECT OF THE DISPUTED DOMAIN NAME

The Respondent has no rights on the disputed domain name, and any use of the trademarks “INTESA SANPAOLO” and “INTESA” has to be authorized by the Complainant. Nobody has been authorized or licensed by the above-mentioned banking group to use the domain name at issue.

The domain name at stake does not correspond to the name of the Respondent and, to the best of our knowledge, the Respondent is not commonly known as “INTESASAN-ON-LINE-IT”.

The Complainant did not find any fair or non-commercial uses of the domain name at stake (the Complainant referred to the disputed domain name’s home-page).


THE DISPUTED DOMAIN NAME WAS REGISTERED AND IS USED IN BAD FAITH

The disputed domain name <INTESASAN-ON-LINE-IT.COM> is currently passively held.

The webpage connected to the disputed domain is currently blocked by Google Safe Browsing because of a suspected phishing activity.

The Complainant’s trademarks “INTESA SANPAOLO” and “INTESA” are distinctive and well known all around the world. The fact that the Respondent has registered a domain name that is confusingly similar to them indicates that the Respondent had knowledge of the Complainant’s trademark at the time of registration of the disputed domain name. In addition, if the Respondent had carried even a basic Google search in respect of the wordings “INTESA SANPAOLO” and “INTESA”, the same would have yielded obvious references to the Complainant. The Complainant submitted an extract of a Google search in support of its allegation. This raises a clear inference of knowledge of the Complainant’s trademark on the part of the Respondent. Therefore, it is more than likely that the domain name at issue would not have been registered if it were not for Complainant’s trademark. This is a clear evidence of registration of the domain name in bad faith.

In addition, the disputed domain name is not used for any bona fide offerings. More particularly, there are present circumstances indicating that, by using the domain name, the Respondent has intentionally attempted to attract, for commercial gain, Internet users to his web site, by creating a likelihood of confusion with the Complainant's mark as to the source, sponsorship, affiliation, or endorsement of his web site (par. 4(b)(iv) of the Policy).

The disputed domain name is not used for any bona fide offerings, considering that the same is connected to a website which has been blocked by Google Safe Browsing through a warning page.

It is clear that the main purpose of the Respondent was to use the above website for “phishing” financial information in an attempt to defraud the Complainant’s customers and that Google promptly stopped the illicit activity carried out by the Respondent.

As underlined by countless WIPO decisions, “<Phishing> is a form of Internet fraud that aims to steal valuable information such as credit cards, social security numbers, user Ids, passwords, etc. A fake website is created that is similar to that of a legitimate organization, typically a financial institution such as a bank or insurance company and this information is used for identity theft and other nefarious activities”. See, in this concern, Halifax Plc. v. Sontaja Sanduci, WIPO Case No. D2004-0237 and also CarrerBuilder LLC v. Stephen Baker, WIPO Case No. D2005-0251.

Several WIPO decisions also stated that the “Use of a disputed domain name for the purpose of defrauding Internet users by the operation of a “phishing” website is perhaps the clearest evidence of registration and use of a domain name in bad faith”. The Royal Bank of Scotland Group plc v. Secret Registration Customer ID 232883 / Lauren Terrado). In particular, the UDRP jurisprudence considered phishing attacks as “proof of both bad faith registration and use in bad faith”. In this sense, it shall also bear in mind WIPO Case No. D2006-0614, Grupo Financiero Inbursa, S.A. de C.V. v. inbuirsa, where the finding was that: “The Respondent registered the domain name because in all probability he knew of the Complainant and the type of services offered by the Complainant and tried to attract Internet users for commercial gain by “spoofing” and “phishing”. The Panel notes that these are practices which have become a serious problem in the financial services industry worldwide. This is a compelling indication both of bad faith registration and of use under paragraph 4(b)(iv)”. See also Finter Bank Zürich v. N/A, Charles Osabor, WIPO Case No. D2005-0871 and Banca Intesa S.p.A. v. Moshe Tal, WIPO Case No. D2006-0228, that directly involves the Complainant.

In conclusion, even excluding any current “phishing” purposes or other illicit use of the domain name in the present case (which, however, has been confirmed by Google Safe Browsing with a warning page), anyway we could find no other possible legitimate use of <INTESASAN-ON-LINE-IT.COM>. The sole further aim of the owner of the domain name under consideration might be to resell it to the Complainant, which represents, in any case, an evidence of the registration and use in bad faith, according to par. 4(b)(i) («circumstances indicating that you have registered or you have acquired the domain name primarily for the purpose of selling, renting, or otherwise transferring the domain name registration to the complainant who is the owner of the trademark or service mark or to a competitor of that complainant, for valuable consideration in excess of your documented out-of-pocket costs directly related to the domain name»).

On October 7, 2020 the Complainant’s attorneys sent to the Respondent a cease and desist letter, asking for the voluntary transfer of the domain name at issue. Despite such communication, the Respondent did not comply with the above request.

NO ADMINISTRATIVELY COMPLIANT RESPONSE HAS BEEN FILED.

The Complainant has, to the satisfaction of the Panel, shown the disputed domain name is identical or confusingly similar to a trademark or service mark in which the Complainant has rights (within the meaning of paragraph 4(a)(i) of the Policy).

The Complainant has, to the satisfaction of the Panel, shown the Respondent to have no rights or legitimate interests in respect of the disputed domain name (within the meaning of paragraph 4(a)(ii) of the Policy).

The Complainant has, to the satisfaction of the Panel, shown the disputed domain name has been registered and is being used in bad faith (within the meaning of paragraph 4(a)(iii) of the Policy).

The Panel is satisfied that all procedural requirements under UDRP were met and there is no other reason why it would be inappropriate to provide a decision.

The Panel finds that the disputed domain name <intesasan-on-line-it.com> is confusingly similar to the Complainant's "INTESA" and "INTESA SANPAOLO" trademarks, since the disputed domain name incorporates the Complainant's trademark "INTESA” in its entirety and the Complainant's trademark "INTESA SANPAOLO" almost entirely by simply omitting the verbal element “PAOLO”; also, the mere addition of the descriptive terms "on-line" and “it” is not capable to dispel the confusing similarity arising from the Complainant's trademarks’ incorporation in the disputed domain name. In fact, the disputed domain name somehow corresponds to both of the Complainant's trademarks showing similarities with each of them.

Moreover, the Complainant contends, and the Respondent has not objected to these contentions, that the Respondent so far has neither made use of, or demonstrable preparations to use, the disputed domain name in connection with a bona fide offering of goods or services, nor is the Respondent making a legitimate noncommercial or fair use of the disputed domain name, nor is the Respondent commonly known thereunder. The disputed domain name apparently has not yet been actively used by the Respondent on the Internet (so-called “passive holding”). Many UDRP panels have recognized that the mere registration of a domain name, even one that is comprised of a confirmed dictionary word or phrase, may not of itself confer rights or legitimate interests in a disputed domain name. Accordingly, the Panel has no difficulty in finding that the Respondent has no rights or legitimate interests in respect of the disputed domain name.

Finally, given the reputation of the Complainant’s trademarks “INTESA” and “INTESA SANPAOLO” all around the world and given the fact that the Respondent has registered a domain name that actually is kind of a combination of two of Complainant’s trademarks clearly indicates that the Respondent had knowledge of the Complainant’s trademarks at the time of the registration of the disputed domain name. Also, there is a consensus view among UDRP panelists that a passive holding of a disputed domain name may, in appropriate circumstances, be consistent with the finding of bad faith, in particular in circumstances in which, for example, a complainant’s trademark is well-known, and there is no conceivable use that could be made of the disputed domain name and would not amount to an infringement of the complainant’s trademark’s rights. In the case at hand, in the absence of any other reasonable explanation as to why the Respondent should rely on the disputed domain name and given that the Respondent has brought forward nothing in substance relating to the intended use of the disputed domain name that would have allowed the Panel to hold for Respondent (who also kept silent on the Complainant’s cease and desist letter of October 7, 2020), the Panel finds that the Respondent has registered and is making use of the disputed domain name in a manner which at least takes unjustified and unfair advantage of the Complainant’s “INTESA” and “INTESA SANPAOLO” trademarks’ fame and must, therefore, be considered as registered and being used in bad faith within the meaning of the Policy.