Twitter, Inc. v. Sevilay Calskan / Polat Calskan
Claim Number: FA2205001995383
Complainant is Twitter, Inc. (“Complainant”), represented by James F. Struthers of Richard Law Group, Inc., Texas, USA. Respondent is Sevilay Calskan / Polat Calskan (“Respondent”), Great Britain.
REGISTRAR AND DISPUTED DOMAIN NAMES
The domain names at issue are <twitter-password.com> and <twitter-password.xyz> (“Domain Names”), registered with Atak Domain Hosting Internet Ve Bilgi Teknolojileri Limited Sirketi D/B/A Atak Teknoloji.
The undersigned certifies that he has acted independently and impartially and to the best of his knowledge has no known conflict in serving as Panelist in this proceeding.
Nicholas J.T. Smith as Panelist.
Complainant submitted a Complaint to the Forum electronically on May 6, 2022; the Forum received payment on May 6, 2022.
On May 18, 2022; May 27, 2022, Atak Domain Hosting Internet Ve Bilgi Teknolojileri Limited Sirketi D/B/A Atak Teknoloji; confirmed by e-mail to the Forum that the <twitter-password.com> and <twitter-password.xyz> domain names are registered with Atak Domain Hosting Internet Ve Bilgi Teknolojileri Limited Sirketi D/B/A Atak Teknoloji; and that Respondent is the current registrant of the names. Atak Domain Hosting Internet Ve Bilgi Teknolojileri Limited Sirketi D/B/A Atak Teknoloji; has verified that Respondent is bound by the Atak Domain Hosting Internet Ve Bilgi Teknolojileri Limited Sirketi D/B/A Atak Teknoloji; registration agreement and has thereby agreed to resolve domain disputes brought by third parties in accordance with ICANN’s Uniform Domain Name Dispute Resolution Policy (the “Policy”).
On May 31, 2022, the Forum served the Complaint and all Annexes, including a Written Notice of the Complaint, setting a deadline of June 21, 2022 by which Respondent could file a Response to the Complaint, via e-mail to all entities and persons listed on Respondent’s registration as technical, administrative, and billing contacts, and to postmaster@twitter-password.com, postmaster@twitter-password.xyz. Also on May 31, 2022, the Written Notice of the Complaint, notifying Respondent of the e-mail addresses served and the deadline for a Response, was transmitted to Respondent via post and fax, to all entities and persons listed on Respondent’s registration as technical, administrative and billing contacts.
Having received no response from Respondent, the Forum transmitted to the parties a Notification of Respondent Default.
On June 29, 2022, pursuant to Complainant's request to have the dispute decided by a single-member Panel, the Forum appointed Nicholas J.T. Smith as Panelist.
Having reviewed the communications records, the Administrative Panel (the "Panel") finds that the Forum has discharged its responsibility under Paragraph 2(a) of the Rules for Uniform Domain Name Dispute Resolution Policy (the "Rules") "to employ reasonably available means calculated to achieve actual notice to Respondent" through submission of Electronic and Written Notices, as defined in Rule 1 and Rule 2. Therefore, the Panel may issue its decision based on the documents submitted and in accordance with the ICANN Policy, ICANN Rules, the Forum's Supplemental Rules and any rules and principles of law that the Panel deems applicable, without the benefit of any response from Respondent.
Complainant requests that the Domain Names be transferred from Respondent to Complainant.
A. Complainant
Complainant operates a global information network centered around its website at www.twitter.com and related mobile applications. Complainant has rights in the TWITTER mark through its registration with the United States Patent and Trademark Office (“USPTO”) (e.g. Reg. No. 3,619,911, registered May 12, 2009). Respondent’s <twitter-password.com> and <twitter-password.xyz> domain names are identical or confusingly similar to Complainant’s mark as they incorporate the mark in its entirety while adding the generic or descriptive term “password” along with a hyphen and the “.com” or “.xyz” generic top-level domains (“gTLDs”).
Respondent lacks rights and legitimate interests in the <twitter-password.com> and <twitter-password.xyz> domain names. Respondent is not commonly known by the Domain Names, nor has Complainant authorized or licensed Respondent to use its TWITTER mark in the Domain Names. Respondent does not use the Domain Names for any bona fide offering of goods or services nor a legitimate noncommercial or fair use. The Domain Names do not resolve to active websites but Respondent uses one of the Domain Names to pass off as Complainant in furtherance of a phishing scheme, creating a false impression of affiliation with Complainant.
Respondent registered and uses the <twitter-password.com> and <twitter-password.xyz> domain names in bad faith by attempting to impersonate Complainant in furtherance of a phishing scheme. Respondent had actual knowledge of Complainant’s TWITTER mark due to the long-standing use and fame of the mark and the use of the Domain Names to impersonate Complainant.
B. Respondent
Respondent failed to submit a Response in this proceeding.
Complainant holds trademark rights for the TWITTER mark. Each of the Domain Names is confusingly similar to Complainant’s TWITTER mark. Complainant has established that Respondent lacks rights or legitimate interests in the Domain Names and that Respondent registered and has used the Domain Names in bad faith.
Paragraph 15(a) of the Rules instructs this Panel to "decide a complaint on the basis of the statements and documents submitted in accordance with the Policy, these Rules and any rules and principles of law that it deems applicable."
Paragraph 4(a) of the Policy requires that Complainant must prove each of the following three elements to obtain an order that a domain name should be cancelled or transferred:
(1) the domain name registered by Respondent is identical or confusingly similar to a trademark or service mark in which Complainant has rights; and
(2) Respondent has no rights or legitimate interests in respect of the domain name; and
(3) the domain name has been registered and is being used in bad faith.
In view of Respondent's failure to submit a response, the Panel shall decide this administrative proceeding on the basis of Complainant's undisputed representations pursuant to paragraphs 5(f), 14(a) and 15(a) of the Rules and draw such inferences it considers appropriate pursuant to paragraph 14(b) of the Rules. The Panel is entitled to accept all reasonable allegations set forth in a complaint; however, the Panel may deny relief where a complaint contains mere conclusory or unsubstantiated arguments. See WIPO Jurisprudential Overview 3.0 at ¶ 4.3; see also eGalaxy Multimedia Inc. v. ON HOLD By Owner Ready To Expire, FA 157287 (Forum June 26, 2003) (“Because Complainant did not produce clear evidence to support its subjective allegations [. . .] the Panel finds it appropriate to dismiss the Complaint”).
Complainant has rights in the TWITTER mark based upon registration of the mark with the USPTO (e.g., Reg. Reg. No. 3,619,911, registered May 12, 2009). Registration of a mark with the USPTO is sufficient to establish rights in that mark. See Liberty Global Logistics, LLC v. damilola emmanuel / tovary services limited, FA 1738536 (Forum Aug. 4, 2017) (stating, “Registration of a mark with the USPTO sufficiently establishes the required rights in the mark for purposes of the Policy.”).
The Panel finds that the <twitter-password.com> and <twitter-password.xyz> domain names are confusing similar to Complainant’s TWITTER mark as they each wholly incorporate the TWITTER mark and add a hyphen, the word “password” and a gTLD. Registration of a domain name that makes use of a complainant’s mark and adds a hyphen, a generic term and a gTLD does not distinguish the domain name from the mark per Policy ¶ 4(a)(i). See Microsoft Corporation v. Thong Tran Thanh, FA 1653187 (Forum Jan. 21, 2016) (determining that confusing similarity exists where [a disputed domain name] contains Complainant’s entire mark and differs only by the addition of a generic or descriptive phrase and top-level domain, the differences between the domain name and its contained trademark are insufficient to differentiate one from the other for the purposes of the Policy); see also ADP, LLC. v. Ella Magal, FA 1773958 (Forum Aug. 2, 2017) (“Respondent’s <workforce-now.com> domain name appropriates the dominant portion of Complainant’s ADP WORKFORCE NOW mark and adds a hyphen and the gTLD “.com.” These changes do not sufficiently distinguish the disputed domain name from the ADP WORKFORCE NOW mark.”) see also Dell Inc. v. Protection of Private Person / Privacy Protection, FA 1681432 (Forum Aug. 1, 2016) (“A TLD (whether a gTLD, sTLD or ccTLD) is disregarded under a Policy ¶ 4(a)(i) analysis because the domain name syntax requires TLDs.”).
The Panel finds Complainant has satisfied Policy ¶ 4(a)(i).
Complainant alleges that Respondent holds no rights or legitimate interests in the Domain Names. In order for Complainant to succeed under this element, it must first make a prima facie case that Respondent lacks rights and legitimate interests in the Domain Names under Policy ¶ 4(a)(ii), and then the burden shifts to Respondent to show it does have rights or legitimate interests. See Hanna-Barbera Prods., Inc. v. Entm’t Commentaries, FA 741828 (Forum Aug. 18, 2006) and AOL LLC v. Gerberg, FA 780200 (Forum Sept. 25, 2006) (“Complainant must first make a prima facie showing that Respondent does not have rights or legitimate interest in the subject domain names, which burden is light. If Complainant satisfies its burden, then the burden shifts to Respondent to show that it does have rights or legitimate interests in the subject domain names.”). The Panel holds that Complainant has made out a prima facie case.
Complainant asserts that Respondent has no rights or legitimate interests in the Domain Names as Respondent is not commonly known by the Domain Names, nor has Complainant authorized Respondent to use the TWITTER mark. Respondent has no relationship, affiliation, connection, endorsement or association with Complainant. WHOIS information can help support a finding that a respondent is not commonly known by the disputed domain name, especially where a privacy service has been engaged. See State Farm Mutual Automobile Insurance Company v. Dale Anderson, FA1504001613011 (Forum May 21, 2015) (concluding that because the WHOIS record lists “Dale Anderson” as the registrant of the disputed domain name, the respondent was not commonly known by the <statefarmforum.com> domain name pursuant to Policy ¶ 4(c)(ii)); see also Kohler Co. v. Privacy Service, FA1505001621573 (Forum July 2, 2015) (holding that the respondent was not commonly known by the disputed domain name pursuant to Policy ¶ 4(c)(ii) where “Privacy Service” was listed as the registrant of the disputed domain name). The WHOIS lists “Sevilay Calskan / Polat Calskan” as registrant of record. Coupled with Complainant’s unrebutted assertions as to absence of any affiliation or authorization between the parties, the Panel finds that Respondent is not commonly known by the Domain Names in accordance with Policy ¶ 4(c)(ii).
The Domain Names are presently inactive which by itself does not show a bona fide offering of goods and services. Complainant alleges, and provides evidence supporting its allegations, that Respondent uses the Domain Name <twitter-password.com> to facilitate a phishing scam in which users of the Complainant’s service receive a fake Twitter Support Center message claiming that their account has been reviewed as span and inviting the users to click on a link connected to the Domain Name, to appeal the decision, presumably to provide their account password or other identifying details. The second Domain Name, <twitter-password.xyz>, is inactive and can on the balance of probabilities, be presumed to be held pending use for a similar purpose. Such conduct is best characterized as “phishing”. Respondent’s use of the Domain Names to support a scheme to impersonate Complainant for the purpose of engaging in a phishing scheme is not a bona fide offering of goods or services or a legitimate noncommercial or fair use per Policy ¶¶ 4(c)(i) or (iii). See Bittrex, Inc. v. Caroline Alves Maia, FA 1796113 (Forum Aug. 6, 2018) (finding the respondent lacked rights and legitimate interests in the domain name because it used the name to resolve to a website virtually identical to the complainant’s to prompt users to enter their login information so that the respondent may gain access to that customer’s cryptocurrency account); see also Caterpillar Inc. v. ruth weinstein, FA 1770352 (Forum Mar. 7, 2018) (“Use of a disputed domain name in an attempt to pass itself off as a complainant and to conduct a phishing scheme is indicative of a failure to use said domain name in connection with a bona fide offer of goods and services per Policy ¶ 4(c)(i) or a legitimate noncommercial or otherwise fair use per Policy ¶ 4(c)(iii).”).
The Panel finds Complainant has satisfied Policy ¶ 4(a)(ii).
The Panel finds that, at the time Respondent registered the Domain Names, February 22, 2022, and February 25, 2022, Respondent had actual knowledge of Complainant’s TWITTER mark. The Respondent has the Domain Name <twitter-password.com> to pass itself off as Complainant for financial gain or to disrupt Complainant’s business. In the absence of rights or legitimate interests of its own, this demonstrates registration in bad faith under Policy ¶ 4(a)(iii).
The Panel finds that Respondent registered and uses the Domain Names in bad faith as Respondent has used the Domain Name <twitter-password.com> (and is likely passively holding the Domain Name <twitter-password.xyz> pending similar use) to impersonate Complainant in furtherance of a phishing scheme. Use of a disputed domain name to impersonate a complainant in furtherance of a phishing scheme is evidence of bad faith per Policy ¶ 4(a)(iii). See Google Inc. v. Domain Admin / Whois Privacy Corp., FA1506001622862 (Forum Aug. 10, 2015) (finding that the respondent’s apparent use of the disputed domain name in furtherance of a ‘phishing’ scheme further established its bad faith registration and use of the disputed domain name under Policy ¶ 4(a)(iii)). Accordingly, the Panel finds that Respondent registered and uses the Domain Names in bad faith pursuant to Policy ¶ 4(a)(iii).
Having established all three elements required under the ICANN Policy, the Panel concludes that relief shall be GRANTED.
Accordingly, it is Ordered that the <twitter-password.com> and <twitter-password.xyz> domain names be TRANSFERRED from Respondent to Complainant.
Nicholas J.T. Smith, Panelist
Dated: June 30, 2022
Click Here to return to the main Domain Decisions Page.
Click Here to return to our Home Page