Sophos Limited v. John Millan / PenetrationIT
Claim Number: FA2110001969350
Complainant is Sophos Limited (“Complainant”), represented by Robert White of Lexsynergy Limited, Great Britain. Respondent is John Millan / PenetrationIT (“Respondent”), USA.
REGISTRAR AND DISPUTED DOMAIN NAMES
The domain names at issue are <sophossecurityservice.com> and <sophossecurityt.com>, registered with NameCheap, Inc.
The undersigned certifies that he has acted independently and impartially and to the best of his knowledge has no known conflict in serving as Panelist in this proceeding.
Richard Hill as Panelist.
Complainant submitted a Complaint to the Forum electronically on October 18, 2021; the Forum received payment on October 18, 2021.
On October 18, 2021, NameCheap, Inc. confirmed by e-mail to the Forum that the <sophossecurityservice.com> and <sophossecurityt.com> domain names are registered with NameCheap, Inc. and that Respondent is the current registrant of the names. NameCheap, Inc. has verified that Respondent is bound by the NameCheap, Inc. registration agreement and has thereby agreed to resolve domain disputes brought by third parties in accordance with ICANN’s Uniform Domain Name Dispute Resolution Policy (the “Policy”).
On October 19, 2021, the Forum served the Complaint and all Annexes, including a Written Notice of the Complaint, setting a deadline of November 8, 2021 by which Respondent could file a Response to the Complaint, via e-mail to all entities and persons listed on Respondent’s registration as technical, administrative, and billing contacts, and to postmaster@sophossecurityservice.com, postmaster@sophossecurityt.com. Also on October 19, 2021, the Written Notice of the Complaint, notifying Respondent of the e-mail addresses served and the deadline for a Response, was transmitted to Respondent via post and fax, to all entities and persons listed on Respondent’s registration as technical, administrative and billing contacts.
Having received no response from Respondent, the Forum transmitted to the parties a Notification of Respondent Default.
On November 12, 2021, pursuant to Complainant's request to have the dispute decided by a single-member Panel, the Forum appointed Richard Hill as Panelist.
Having reviewed the communications records, the Administrative Panel (the "Panel") finds that the Forum has discharged its responsibility under Paragraph 2(a) of the Rules for Uniform Domain Name Dispute Resolution Policy (the "Rules") "to employ reasonably available means calculated to achieve actual notice to Respondent" through submission of Electronic and Written Notices, as defined in Rule 1 and Rule 2. Therefore, the Panel may issue its decision based on the documents submitted and in accordance with the ICANN Policy, ICANN Rules, the Forum's Supplemental Rules and any rules and principles of law that the Panel deems applicable, without the benefit of any response from Respondent.
Complainant requests that the domain names be transferred from Respondent to Complainant.
A. Complainant
Complainant states that it operates a security company offering security software and hardware for businesses and organizations. Complainant has an extensive network of offices around the world such as in the United States, Canada, United Kingdom, Austria, France, Germany, Hungary. Italy, Netherlands, Sweden, Spain, Switzerland, Poland, United Arab Emirates, Australia, China, Hong Kong, India, Indonesia, Japan, Malaysia, Philippines, Singapore and Taiwan. Over 100 million people in 150 countries use Complainant’s products and/or services. Complainant has rights in the SOPHOS mark through its registration in the United Kingdom in 1995. The mark is registered elsewhere around the world.
Complainant alleges that the disputed domain names are identical or confusingly similar to its SOPHOS mark, as they incorporate the mark in its entirety, merely adding the descriptive term “security” to each domain, and either the generic term “service” or the letter “T”, along with adding the “.com” generic top-level domain (“gTLD”).
According to Complainant, Respondent lacks rights and legitimate interests in the disputed domain names as it is not commonly known by the disputed domain names and is neither an authorized user or licensee of the SOPHOS mark. Additionally, Respondent does not use the disputed domain names for any bona fide offer of goods or services, nor for any legitimate noncommercial or fair use. Instead, Respondent uses both domain names to distribute malicious software to Internet users’ devices. Furthermore, the <sophossecurityservice.com> domain name initially resolved to a parked website with links to Complainant’s competitors (subsequently it was used to distribute malware).
Further, says Complainant, Respondent registered and uses the disputed domain names in bad faith. Respondent uses the disputed domain names in furtherance of a malware distribution scheme. As already stated, the <sophossecurityservice.com> domain name initially resolved to a parked website with links to Complainant’s competitors. The WHOIS information is false. Respondent registered the disputed domain names with actual knowledge of Complainant’s rights in the SOPHOS mark.
B. Respondent
Respondent failed to submit a Response in this proceeding.
Complainant owns the mark SOPHOS and uses it to provide security services.
Complainant’s rights in its mark date back to 1995.
The disputed domain names were registered in 2021.
Complainant has not licensed or otherwise authorized Respondent to use its mark.
The disputed domain names are used to propagate malware. The WHOIS information is false.
Paragraph 15(a) of the Rules instructs this Panel to "decide a complaint on the basis of the statements and documents submitted in accordance with the Policy, these Rules and any rules and principles of law that it deems applicable."
Paragraph 4(a) of the Policy requires that Complainant must prove each of the following three elements to obtain an order that a domain name should be cancelled or transferred:
(1) the domain name registered by Respondent is identical or confusingly similar to a trademark or service mark in which Complainant has rights; and
(2) Respondent has no rights or legitimate interests in respect of the domain name; and
(3) the domain name has been registered and is being used in bad faith.
In view of Respondent's failure to submit a response, the Panel shall decide this administrative proceeding on the basis of Complainant's undisputed representations pursuant to paragraphs 5(f), 14(a) and 15(a) of the Rules and draw such inferences it considers appropriate pursuant to paragraph 14(b) of the Rules. The Panel is entitled to accept all reasonable allegations set forth in a complaint; however, the Panel may deny relief where a complaint contains mere conclusory or unsubstantiated arguments. See WIPO Jurisprudential Overview 3.0 at ¶ 4.3; see also eGalaxy Multimedia Inc. v. ON HOLD By Owner Ready To Expire, FA 157287 (Forum June 26, 2003) (“Because Complainant did not produce clear evidence to support its subjective allegations [. . .] the Panel finds it appropriate to dismiss the Complaint”).
The disputed domain names incorporate Complainant’s the mark in its entirety, merely adding the descriptive term “security” to each domain, and either the generic term “service” or the letter “T”, along with adding the “.com” generic top-level domain (“gTLD”). Previous Panels have held that such changes may not negate confusing similarity between a domain name and a mark under Policy ¶ 4(a)(i). See Bloomberg Finance L.P. v. Nexperian Holding Limited, FA 1782013 (Forum June 4, 2018) (“Where a relevant trademark is recognizable within a disputed domain name, the addition of other terms (whether descriptive, geographical, pejorative, meaningless, or otherwise) does not prevent a finding of confusing similarity under the first element.”); see also TripAdvisor, LLC / Smarter Travel Media LLC / Jetsetter, Inc. v. RAKSHITA MERCANTILE PRIVATE LIMITED, FA 1623459 (Forum July 17, 2015) (“Adding a single letter is not enough to prevent a domain name from being confusingly similar to a mark.”). Thus, the Panel finds that the disputed domain names are confusingly similar to Complainant’s SOPHOS mark under Policy ¶ 4(a)(i).
Complainant has not licensed or otherwise authorized Respondent to use its mark. Respondent is not commonly known by the disputed domain names: when a response is lacking, relevant WHOIS information may demonstrate that a Respondent is not commonly known by a disputed domain name under Policy ¶ 4(c)(ii). See H-D U.S.A., LLC, v. ilyas Aslan / uok / Domain Admin ContactID 5645550 / FBS INC / Whoisprotection biz, FA 1785313 (Forum June 25, 2018) (“The publicly available WHOIS information identifies Respondent as ‘Ilyas Aslan’ and so there is no prima facie evidence that Respondent might be commonly known by either of the [<harleybot.bid> and <harleybot.com>] domain names.”). Here, the WHOIS information of record identifies “John Millan / PenetrationIT”. Thus the Panel finds that Respondent is not commonly known by the disputed domain names under Policy ¶ 4(c)(ii).
Complainant presents evidence showing that the disputed domain names are used to distribute malware. This suffices to establish that Respondent is not using the disputed domain names to make a bona fide offer or a legitimate noncommercial or fair use under Policy ¶¶ 4(c)(i) or (iii). See Coachella Music Festival, LLC v. Carolina Rodrigues / Fundacion Comercio Electronico, FA 1785199 (Forum June 5, 2018) (“Respondent uses the <coechella.com> domain name to direct internet users to a website which is used to attempt to install malware on visiting devices. Using the domain name in this manner is neither a bona fide offering of goods or services under Policy ¶4(c)(i), nor a non-commercial or fair use under Policy ¶ 4(c)(iii).”). Thus, the Panel finds that Respondent is not using the disputed domain names to make a bona fide offer or a legitimate noncommercial or fair use under Policy ¶¶ 4(c)(i) or (iii). And the Panel finds that Respondent lacks rights and legitimate interests in the disputed domain names.
Respondent (who did not reply to Complainant’s contentions) has not presented any plausible explanation for its use of Complainant’s mark. In accordance with paragraph 14(b) of the Rules, the Panel shall draw such inferences from Respondent’s failure to reply as it considers appropriate. Accordingly, the Panel finds that Respondent did not have a legitimate use in mind when registering the disputed domain names.
Indeed, as already noted, the disputed domain names are used to facilitate the distribution of malware. Under Policy ¶ 4(a)(iii), use of an infringing domain name to distribute malicious software demonstrates bad faith. See Asbury Communities, Inc. v. Tiffany Hedges, FA 1785054 (Forum June 18, 2018) (“The Panel here finds that Respondent [installation of malware] further support the conclusion that Respondent registered and used the <asburymethodistvillage.com> domain name in bad faith under Policy ¶ 4(a)(iii)”). Therefore, the Panel finds bad faith registration and use under Policy ¶ 4(a)(iii).
Furthermore, Respondent provided false WHOIS information: the Street is listed as “Park Way Cupertino”, the city as “New York”, the state as “CA”, the US Zip Code as “95014”, and the US phone number as “+1.235 267 734 4252”. Since Cupertino, CA, corresponds to Zip Code 95014, the designation of the city as “New York” could be considered to be a typographical error; however the specified phone number is not a valid phone number: it is too long, the area code 235 is not assigned, and the area code 257 corresponds to Pennsylvania. Failure to provide accurate contact information may demonstrate bad faith under Policy ¶ 4(a)(iii). See Farouk Systems, Inc. v. Jack King / SLB, FA1505001618704 (Forum June 19, 2015) (finding bad faith registration and use pursuant to Policy ¶ 4(a)(iii) where the respondent had provided false contact information when registering the disputed domain name). Accordingly, the Panel finds bad faith registration and use under Policy ¶ 4(a)(iii).
Having established all three elements required under the ICANN Policy, the Panel concludes that relief shall be GRANTED.
Accordingly, it is Ordered that the <sophossecurityservice.com> and <sophossecurityt.com> domain names be TRANSFERRED from Respondent to Complainant.
Richard Hill, Panelist
Dated: November 12, 2021
Click Here to return to the main Domain Decisions Page.
Click Here to return to our Home Page