Decision for dispute CAC-UDRP-105101

The Panel is not aware of any other legal proceedings which are pending or decided and which relate to the disputed domain name <INTESASANPAOLOSECURE.COM>.

The Complainant states and provides evidence to support that it is the owner, among others, of multiple trademark registrations for the trademarks “INTESA” and “INTESA SANPAOLO”:

- International trademark registration n. 793367 “INTESA”, granted on September 4, 2002, and duly renewed, in class 36;

- EU trademark registration n. 12247979 “INTESA”, applied on October 23, 2013, and granted on March 5, 2014, in classes 9, 16, 35, 36, 38, 41 and 42;

- International trademark registration n. 920896 “INTESA SANPAOLO”, granted on March 7, 2007, and duly renewed, in classes 9, 16, 35, 36, 41, 42;

- EU trademark registration n. 5301999 “INTESA SANPAOLO”, applied on September 8, 2006, granted on June 18, 2007, and duly renewed in classes 35, 36 and 38.

Moreover, the Complainant is also the owner, among the others, of the following domain names bearing the signs “INTESA SANPAOLO” and “INTESA”: INTESASANPAOLO.COM, .ORG, .EU, .INFO, .NET, .BIZ, INTESA-SANPAOLO.COM, .ORG, .EU, .INFO, .NET, .BIZ and INTESA.COM, INTESA.INFO, INTESA.BIZ, INTESA.ORG, INTESA.US, INTESA.EU, INTESA.CN, INTESA.IN, INTESA.CO.UK, INTESA.TEL, INTESA.NAME, INTESA.XXX, INTESA.ME. All of them are now connected to the official website www.intesasanpaolo.com.

The Complainant is a leading Italian banking group established on January 1, 2007, resulting from the merger of Banca Intesa S.p.A and San Paolo IMI S.p.A. Intesa Sanpaolo is among the top banking groups in the eurozone, with a market capitalisation exceeding EUR 40,3 billion, and an undisputed leader in Italy, in all business areas (retail, corporate and wealth management).

The disputed domain name <INTESASANPAOLOSECURE.COM> was registered on March 4, 2022.

COMPLAINANT:

1. The disputed domain name is confusingly similar to the protected mark

According to the Complainant, the Respondent’s registered disputed domain name is identical, or – at least – confusingly similar, to the Complainant’s trademarks “INTESA SANPAOLO” and “INTESA”. Essentially, <INTESASANPAOLOSECURE.COM> exactly reproduces the Complainant's well-known trademark “INTESA SANPAOLO”, with the mere addition of the term “SECURE”, which is merely descriptive.

2. Respondent does not have any rights or legitimate interest in the disputed domain name

The Complainant argues that the Respondent has no rights on the disputed domain name, and any use of the trademarks “INTESA SANPAOLO” and “INTESA” has to be authorized by the Complainant. Nobody has been authorized or licensed by the above-mentioned banking group to use the disputed domain name.

The disputed domain name does not correspond to the name of the Respondent and, to the best of the Complainant's knowledge, the Respondent is not commonly known as “INTESASANPAOLOSECURE”.

3. The Disputed Domain Name has been registered and is being used in bad faith

The Complainant claims that the disputed domain name, which is currently passively held, was registered and used in bad faith. The Complainant’s trademarks, “INTESA” and “INTESA SANPAOLO”, are distinctive and well-known worldwide. The fact that the Respondent has registered a domain name that is confusingly similar to them indicates that the Respondent knew of the Complainant’s trademark at the time of registration of the disputed domain name.

The Complainant contends it is evident from a basic Google search concerning the wordings “INTESA” and “INTESA SANPAOLO” the same would have yielded obvious references to the Complainant. This raises a clear inference of knowledge of the Complainant’s trademark on the part of the Respondent. Therefore, it is more than likely that the disputed domain name would not have been registered if it were not for Complainant’s trademark. This is evidence of registration of the disputed domain name in bad faith.

Also, the disputed domain name is not used for any bona fide offerings. More particularly, the Complainant presents that the webpage connected to the disputed domain name is currently blocked by Google Safe Browsing because of suspected “phishing” activity. The Complainant argues that the main purpose of the Respondent was to use the above website for “phishing” financial information in an attempt to defraud the Complainant’s customers and that Google promptly stopped the illicit activity carried out by the Respondent.

Even excluding any “phishing” purposes or other illicit use of the disputed domain name in the present case (which however, has been confirmed by Google Safe Browsing with a warning page), the Complainant claims there is no other possible legitimate use of <INTESASANPAOLOSECURE.COM>. The sole further aim of the Respondent under consideration might be to resell it to the Complainant, which represents, in any case, evidence of the registration and use in bad faith, according to par. 4(b)(i).

RESPONDENT:

NO ADMINISTRATIVELY COMPLIANT RESPONSE HAS BEEN FILED.

The Complainant has, to the satisfaction of the Panel, shown the disputed domain name is identical or confusingly similar to a trademark or service mark in which the Complainant has rights (within the meaning of paragraph 4(a)(i) of the Policy).

The Complainant has, to the satisfaction of the Panel, shown the Respondent to have no rights or legitimate interests in respect of the disputed domain name (within the meaning of paragraph 4(a)(ii) of the Policy).

The Complainant has, to the satisfaction of the Panel, shown the disputed domain name has been registered and is being used in bad faith (within the meaning of paragraph 4(a)(iii) of the Policy).

The Panel is satisfied that all procedural requirements under UDRP were met and there is no other reason why it would be inappropriate to provide a decision.

The UNIFORM DOMAIN NAME DISPUTE RESOLUTION POLICY of the Internet Corporation for Assigned Names and Numbers (ICANN) (the “Policy”) provides that a complainant must prove each of the following to obtain transfer or cancellation of a domain name:

1. that respondent’s domain name is identical or confusingly similar to a trademark or service mark in which complainant has rights; and

2. that respondent has no rights or legitimate interests in respect of the domain name; and

3. the domain name has been registered and is being used in bad faith.

1) The disputed domain name is confusingly similar to a trademark in which the Complainant has rights (Para.4(a)(i) of the Policy).

The Complainant has provided evidence and proved to be the owner of several “INTESA” and “INTESA SANPAOLO” trademarks in various jurisdictions. Essentially, the Respondent has appropriated the trademark “INTESA SANPAOLO” with the mere addition of the term “SECURE”, in the mark’s verbal portion “INTESASANPAOLO” to presumably lead consumers to believe that it is affiliated with the Complainant.

The Panel finds that the disputed domain name <INTESASANPAOLOSECURE.COM> is confusingly similar to the Complainant’s trademarks “INTESA” and “INTESA SANPAOLO” since the mere addition of the term “SECURE” exactly reproduces the Complainant's well-known trademark “INTESA SANPAOLO”. The term “SECURE” is purely descriptive and does not eliminate any confusing similarity. This is especially true where, as here, the trademark is “the dominant portion of the domain name,” LEGO Juris A/S v. Domain Tech Enterprises, WIPO Case No. D2011-2286, or where the trademark in the domain name represents “the most prominent part of the disputed domain name[] which will attract consumers’ attention.” Kabushiki Kaisha Toshiba dba Toshiba Corporation v. WUFACAI, WIPO Case No. D2006-0768.

In conclusion, the Panel finds that the disputed domain name <INTESASANPAOLOSECURE.COM> shows a clear visual, phonetic and conceptual resemblance to the Complainant’s trademarks “INTESA” and “INTESA SANPAOLO”, and could confuse Internet users into thinking that the disputed domain name is associated with the Complainant or its trademarks. 

2) The Respondent lacks rights or legitimate interests in the disputed domain name (Para. 4(a)(ii) of the Policy).

Under the Policy, a complainant is required to make out a prima facie case that the respondent lacks rights or legitimate interests. Once such prima facie case is made, the burden of production shifts to the respondent to come forward with appropriate allegations or evidence demonstrating rights or legitimate interests in the domain name. If the respondent fails to come forward with such appropriate allegations or evidence, a complainant is generally deemed to have satisfied paragraph 4(a)(ii) of the Policy (see WIPO Overview 2.0, paragraph 2.1).

According to the Complainant, the Respondent has no rights in respect of the disputed domain name, and any use of the trademarks “INTESA” and “INTESA SANPAOLO” has to be authorized by the Complainant. The Respondent has not been authorized or licensed by the Complainant to use the disputed domain name.

In the present case, the Respondent failed to file a Response in which it could have provided evidence supporting its rights or legitimate interests. Therefore, all these circumstances are sufficient to establish a prima facie case that the Respondent lacks rights and legitimate interests in the disputed domain name.

The Panel thus believes that the Respondent lacks rights or legitimate interests in the disputed domain name.

3) The disputed domain name has been registered and is being used in bad faith (Paragraph 4(a)(iii) of the Policy).

The Panel agrees with the Complainant that its trademarks “INTESA” and “INTESA SANPAOLO” are distinctive and well-known globally. The fact that the Respondent has registered a domain name that is confusingly similar to them indicates, and in the absence of any evidence contrary (or any administratively compliant response at all) being put forward by the Respondent, that the Respondent, according to this Panel, had knowledge (or should have known) of the Complainant’s trademarks and that they had such knowledge before the registration and use of the disputed domain name.

The fact that a complainant’s trademark has a strong reputation and is widely used and the absence of evidence whatsoever of any actual or contemplated good faith use are further circumstances that may evidence bad faith registration and use in the event of passive use of domain names (see section 3.3, WIPO Overview 3.0).

In the present case, the Panel finds that the Complainant’s trademarks are distinctive and well-known, which makes it difficult to conceive any plausible legitimate future use of the disputed domain name by the Respondent.

The disputed domain name is currently passively held. Countless UDRP decisions confirmed that the passive holding of a domain name with the knowledge that the domain name infringes another party’s trademark rights is evidence of bad faith registration and use (see, in this regard, Telstra Corporation Limited v. Nuclear Marshmallows, WIPO Case No. D2000-0003 and also the panels’ consensus view on this point, as reflected in the “WIPO Overview of WIPO Views on Selected UDRP Questions” at paragraph 3.2.).

In addition, the disputed domain name is not used for any bona fide offerings. More particularly, the Complainant pointed out that the webpage connected to the disputed domain name is currently blocked by Google Safe Browsing because of suspected “phishing” activity. The Panel accepts the Complainant's undisputed submission that bad faith registration and use of the disputed domain name is further indicated by the fact that there is strong suspicion of Respondent using the disputed domain name in a phishing scam. There are numerous previous UDRP decisions which have held that the registration and the use of a domain name in connection with a fraudulent “phishing” scheme constitutes bad faith under the Policy.

For all reasons stated above, the Panel is satisfied that the Complainant has proven the third element of the Policy, which is the Respondent's registration and use of the disputed domain name in bad faith.