DECISION

 

Bayramoglu Law Offices LLC v. Barbi Biedermann / Harper Feed Hardware, LLC

Claim Number: FA2502002141250

 

PARTIES

Complainant is Bayramoglu Law Offices LLC ("Complainant"), represented by Nazly Aileen Bayramoglu, Nevada, USA. Respondent is Barbi Biedermann / Harper Feed Hardware, LLC ("Respondent"), Texas, USA.

 

REGISTRAR AND DISPUTED DOMAIN NAME

The domain name at issue is <baylavvinjury.com>, registered with NameCheap, Inc.

 

PANEL

The undersigned certifies that they have acted independently and impartially and to the best of their knowledge have no known conflict in serving as Panelist in this proceeding.

 

Steven M. Levy, Esq. as Panelist.

 

PROCEDURAL HISTORY

Complainant submitted a Complaint to Forum electronically on February 20, 2025; Forum received payment on February 20, 2025.

 

On February 21, 2025, NameCheap, Inc. confirmed by e-mail to Forum that the <baylavvinjury.com> domain name is registered with NameCheap, Inc. and that Respondent is the current registrant of the name. NameCheap, Inc. has verified that Respondent is bound by the NameCheap, Inc. registration agreement and has thereby agreed to resolve domain disputes brought by third parties in accordance with ICANN's Uniform Domain Name Dispute Resolution Policy (the "Policy").

 

On February 25, 2025, Forum served the Complaint and all Annexes, including a Written Notice of the Complaint, setting a deadline of March 17, 2025 by which Respondent could file a Response to the Complaint, via e-mail to all entities and persons listed on Respondent's registration as technical, administrative, and billing contacts, and to postmaster@baylavvinjury.com. Also on February 25, 2025, the Written Notice of the Complaint, notifying Respondent of the e-mail addresses served and the deadline for a Response, was transmitted to Respondent via post and fax, to all entities and persons listed on Respondent's registration as technical, administrative and billing contacts.

 

Having received no response from Respondent, Forum transmitted to the parties a Notification of Respondent Default.

 

On March 18, 2025, pursuant to Complainant's request to have the dispute decided by a single-member Panel, Forum appointed Steven M. Levy, Esq. as Panelist.

 

Having reviewed the communications records, the Administrative Panel (the "Panel") finds that Forum has discharged its responsibility under Paragraph 2(a) of the Rules for Uniform Domain Name Dispute Resolution Policy (the "Rules") "to employ reasonably available means calculated to achieve actual notice to Respondent" through submission of Electronic and Written Notices, as defined in Rule 1 and Rule 2. Therefore, the Panel may issue its decision based on the documents submitted and in accordance with the ICANN Policy, ICANN Rules, Forum's Supplemental Rules and any rules and principles of law that the Panel deems applicable, without the benefit of any response from Respondent.

 

RELIEF SOUGHT

Complainant requests that the domain name be transferred from Respondent to Complainant.

 

PARTIES' CONTENTIONS

A. Complainant

Complainant is a law firm and the owner of United States Trademark Registration No. 6832896 for "Bay Law", as well as the domain <baylawinjury.com>, through which it offers and renders its legal services.

 

The <baylavvinjury.com> domain name is confusingly similar to the BAY LAW mark and it does not resolve to any website content. The disputed domain name was registered on November 19, 2024, one day before Complainant's employee had their email account hacked with a rule set up to hide entries from "@baylavvinjury.com". The Respondent has no rights or legitimate interests in the disputed domain name and it was also registered and is used in bad faith.

 

B. Respondent

Respondent failed to submit a Response in this proceeding.

 

FINDINGS

-       Complainant owns trademark rights to the BAY LAW mark and the <baylavvinjury.com> domain name is confusingly similar to the mark;

-       Respondent does not have rights or legitimate interests in the disputed domain name where it is not commonly known by the domain name and the domain name does not resolve to any website content but appears to have been used to hack into the email account of one of Complainant's employees; and

-       The disputed domain name was registered and is used in bad faith based on typosquatting and the above-mentioned activity.

 

DISCUSSION

Paragraph 15(a) of the Rules instructs this Panel to "decide a complaint on the basis of the statements and documents submitted and in accordance with the Policy, these Rules and any rules and principles of law that it deems applicable."

 

Paragraph 4(a) of the Policy requires that Complainant must prove each of the following three elements to obtain an order that a domain name should be cancelled or transferred:

 

(1)       the domain name registered by Respondent is identical or confusingly similar to a trademark or service mark in which Complainant has rights; and

(2)       Respondent has no rights or legitimate interests in respect of the domain name; and

(3)       the domain name has been registered and is being used in bad faith.

 

In view of Respondent's failure to submit a response, the Panel shall decide this administrative proceeding on the basis of Complainant's undisputed representations pursuant to paragraphs 5(f), 14(a) and 15(a) of the Rules and draw such inferences it considers appropriate pursuant to paragraph 14(b) of the Rules.  The Panel is entitled to accept all reasonable allegations set forth in a complaint; however, the Panel may deny relief where a complaint contains mere conclusory or unsubstantiated arguments. See WIPO Jurisprudential Overview 3.0 at ¶ 4.3; see also eGalaxy Multimedia Inc. v. ON HOLD By Owner Ready To Expire, FA 157287 (Forum June 26, 2003) ("Because Complainant did not produce clear evidence to support its subjective allegations [. . .] the Panel finds it appropriate to dismiss the Complaint").

 

Identical and/or Confusingly Similar

Complainant asserts rights in the BAY LAW trademark through its registration with the United States Patent and Trademark Office ("USPTO"). Registration of a mark with the USPTO is sufficient to demonstrate rights in the mark under Policy ¶ 4(a)(i). See DIRECTV, LLC v. The Pearline Group, FA 1818749 (Forum  Dec. 30, 2018) ("Complainant's ownership of a USPTO registration for DIRECTV demonstrate its rights in such mark for the purposes of Policy ¶ 4(a)(i)."). Here, Complainant provides a copy of its USPTO registration certificate. Therefore, the Panel finds that Complainant has rights in the BAY LAW mark under Policy ¶ 4(a)(i).

 

Next, Complainant argues that the <baylavvinjury.com> domain name is confusingly similar to its marks since it uses a variation of the BAY LAW mark, replacing the letter "w" with two of the letter "v" and adding the word "injury" as well as the ".com" TLD. Such a subtle misspelling and the addition of a generic word is typically insufficient to distinguish a disputed domain name from an asserted trademark under Policy ¶ 4(a)(i). See Morgan Stanley v. Francis Mccarthy / Baltec Marine Llc, FA 1785347 (Forum June 8, 2018) ("The [<morganstonley.com> and <morganstainley.com>] Domain Names are confusingly similar to Complainant's marks, as they fully incorporate the MORGAN STANLEY mark, varying it only by subtle misspellings, omitting a space between the words, and adding the generic top-level domain ("gTLD") '.com.'"); see also Bloomberg Finance L.P. v. Nexperian Holding Limited, FA 1782013 (Forum June 4, 2018) ("Where a relevant trademark is recognisable within a disputed domain name, the addition of other terms (whether descriptive, geographical, pejorative, meaningless, or otherwise) does not prevent a finding of confusing similarity under the first element."). Finally, use of a TLD such as ".com" adds no distinctiveness to a disputed domain name and does not reduce confusion with an asserted trademark. See MTD Products Inc v. Mike Kernea / Skyline, FA 1775278 (Forum Apr. 19, 2018) ("The mere addition of a gTLD is inconsequential and does not avoid a finding of identity."). Complainant's BAY LAW mark is immediately recognizable in the disputed domain name despite the minor misspelling and the addition of the generic word "injury" (which is related to Complainant's legal services) and the ".com" TLD. As such, the Panel finds that the disputed domain name is confusingly similar to the mark under Policy ¶ 4(a)(i).

 

Rights or Legitimate Interests

Complainant must first make a prima facie case that Respondent lacks rights and legitimate interests in the disputed domain name under Policy ¶ 4(a)(ii). Should it succeed in this effort, the burden then shifts to Respondent to show that it does have rights or legitimate interests. See Advanced International Marketing Corporation v. AA-1 Corp, FA 780200 (Forum Nov. 2, 2011) (finding that a complainant must offer some evidence to make its prima facie case and satisfy Policy ¶ 4(a)(ii)); see also Neal & Massey Holdings Limited v. Gregory Ricks, FA 1549327 (Forum Apr. 12, 2014) ("Under Policy ¶ 4(a)(ii), Complainant must first make out a prima facie case showing that Respondent lacks rights and legitimate interests in respect of an at-issue domain name and then the burden, in effect, shifts to Respondent to come forward with evidence of its rights or legitimate interests.").

 

Complainant does not directly address Policy ¶ 4(c) though it does assert that Respondent owns no trademark rights which might be relevant to the disputed domain name, that the disputed domain name does not resolve to any website content, and that the domain name appears to have been used for nefarious purposes. Nevertheless, the Panel will consider the ¶ 4(c) elements, starting with ¶ 4(c)(ii). WHOIS information is often referenced when considering whether a respondent is commonly known by the disputed domain name under this section of the Policy. See Amazon Technologies, Inc. v. LY Ta, FA 1789106 (Forum June 21, 2018) (concluding a respondent has no rights or legitimate interests in a disputed domain name where the complainant asserted it did not authorize the respondent to use the mark, and the relevant WHOIS information indicated the respondent is not commonly known by the domain name). The WHOIS information for the disputed domain name, as verified to the Forum by the concerned Registrar, lists the registrant as "Figueroa Tom" and there is no evidence to identify Respondent otherwise. Furthermore, the lack of authorization to use an asserted trademark may indicate that a respondent has no rights or legitimate interests in a disputed domain name. See Emerson Electric Co. v. golden humble / golden globals, FA 1787128 (Forum June 11, 2018) ("lack of evidence in the record to indicate a respondent is authorized to use [the] complainant's mark may support a finding that [the] respondent does not have rights or legitimate interests in the disputed domain name per Policy ¶ 4(c)(ii)"). The WHOIS record, as revealed to Forum by the concerned Registrar following the filing of the Complaint, identifies Respondent as "Barbi Biedermann / Harper Feed Hardware, LLC" and there is nothing to indicate that Respondent is known otherwise. Further, there is no evidence to suggest that Respondent had any license or authorization to use the disputed domain name or the BAY LAW mark and Respondent has not participated in this case to assert otherwise. Therefore, the Panel finds no ground upon which to conclude that Respondent is commonly known by the disputed domain name under Policy ¶ 4(c)(ii).

 

Next, the Complaint asserts that the <baylavvinjury.com> domain name does not resolve to any website content but that it may have been used to hack one of Complainant's employee's email accounts. A Respondent failing to make use of a confusingly similar domain name in relation to a website typically indicates a lack of a bona fide offering of goods or services or a legitimate noncommercial or fair use under Policy ¶¶ 4(c)(i) or (iii). See Kohler Co. v xi long chen, FA 1737910 (Forum Aug. 4, 2017) ("Respondent has not made a bona fide offering of goods or services, or a legitimate non-commercial or fair use of the domain. Here, Complainant submits a screenshot of a web page displaying the message "Hmm. We're having trouble finding that site. We can't connect to the server at baylavvinjury.com." This web behavior of the disputed domain name does not indicate that Respondent has any rights or legitimate interests in the disputed domain name. Furthermore, Complainant asserts that "Respondent's domain was created one day before Complainant's employee had their email account hacked with a rule set up to hide entries from '@baylavvinjury.com'". This seems analogous to situations where injection of malicious code is attempted and this does not constitute a bona fide offering nor a legitimate or fair use under the Policy. See, e.g., Coachella Music Festival, LLC v. Carolina Rodrigues / Fundacion Comercio Electronico, FA 1785199 (Forum June 5, 2018) ("Respondent uses the <coechella.com> domain name to direct internet users to a website which is used to attempt to install malware on visiting devices. Using the domain name in this manner is neither a bona fide offering of goods or services under Policy ¶ 4(c)(i), nor a non-commercial or fair use under Policy ¶ 4(c)(iii)."). Complainant submits screenshots of an email filter, which was installed on the account of its hacked employee, setting up a rule "If the sender's address contains these words: '@baylavvinjury.com', mark the message as Read, move the message to folder 'Conversation History' and stop processing more rules on this message." This action appears intended to hide incoming messages that contain the disputed domain name which indicates that whomever hacked the employee's email account wanted to have exclusive access to such messages without Complainant's employee seeing them. While no evidence is submitted to directly prove that Respondent was responsible for the email hack, mention of the typosquatted <baylavvinjury.com> domain name in this injected email rule strongly suggest a connection to Respondent and it certainly indicates use of the domain name in connection with a likely phishing scheme whereby messages are sent to one of Complainant's customers or other business partners but responses to such messages are not seen by the Complainant. As Complainant has made out a prima facie case that has not been rebutted by Respondent, upon a preponderance of the available evidence the Panel finds that Respondent fails to make a bona fide offering of goods or services or a legitimate noncommercial or fair use of the disputed domain name per Policy ¶¶ 4(c)(i) or (iii).

 

Registration and Use in Bad Faith

Although not addressed in the Complaint, a foundational question under ¶ 4(a)(iii) is whether or not Respondent had knowledge of Complainant's rights in its BAY LAW mark at the time it registered the <baylavvinjury.com> domain name. Some attribution of knowledge of a complainant's trademark, whether actual, constructive, or based upon a conclusion that a respondent should have known of the mark, is inherently prerequisite to a finding of bad faith under the Policy. See The Clash Of Trademarks And Domain Names On The Internet, at 573 (Gerald M. Levine, Legal Corner Press, 2024) ("Claims of cybersquatting rest in part on proof that respondents are motivated in their acquisitions by the values of marks corresponding to the disputed domain names; and it is that awareness of complainant's right that is said to support a finding of abusive registration."); See also USA Video Interactive Corporation v. B.G. Enterprises, D2000-1052 (WIPO Dec. 13, 2000) (claim denied where "Respondent registered and used the domain name without knowledge of Complainant for a bona fide commercial purpose."). Bad faith, under the Policy, is predicated on a respondent specifically targeting the asserted mark of the complainant and this "can be established by either direct evidence (e.g. content of the website) or circumstantial evidence such as strength of the mark and nature of a disputed domain name (e.g. mark plus a term describing Complainant's business), timing of registration of a domain name and timing of trademark registration, geographic proximity of the parties." UDRP Perspectives on Recent Jurisprudence, § 3.3 (updated Jan. 15, 2025), available at https://udrpperspectives.org). While the Complaint has not made any claim nor provided any evidence relating to the reputation of its BAY LAW mark, the appearance of the <baylavvinjury.com> domain name in the newly-created rule of the hacked employee's email account does present direct evidence of activity which strongly indicates Respondent's actual knowledge of the mark when the domain name was registered one day prior to the hacking event.

 

Next, Complainant argues that Respondent registered and uses the <baylavvinjury.com> domain name in bad faith because there is no associated web content, Respondent has engaged in typosquatting, and code was inserted into the recently hacked email account of one of Complainant's employees, likely in furtherance of a phishing activity. Such conduct is indicative of bad faith under Policy ¶ 4(b)(iv).

 

To address the first claim, nonuse of a disputed domain name, i.e., "passive holding", has been held to indicate bad faith when viewed against all of the circumstances of a given situation. Opportunity Financial, LLC v. Warut Chuaynoo, FA 1994278 (Forum June 2, 2022) ("Respondent's failure to actively use the at-issue domain name shows bad faith registration and use of the domain name pursuant to Policy ¶ 4(a)(iii). * * * Respondent's passive holding of the at-issue domain name suggests Respondent's present intent to capitalize on the confusion between the <opploansmyoffer.com> domain name and Complainant's trademark at some time in the future."). Here, the <baylavvinjury.com> domain name does not resolve to any website and there is no evidence that it is actively used in any other way. However, when viewed against the remaining grounds for bad faith – typosquatting and insertion of malicious code in furtherance of a likely phishing scheme – the Panel finds that the non-use of the domain name does support a finding of bad faith in the present case under the familiar test set out in Telstra Corporation Limited v. Nuclear Marshmallows, D2000-0003 (WIPO Feb. 18, 2000).

 

Next, typosquatting, itself, has also been held to present good evidence of bad faith registration and use of a disputed domain name. The Panel in Webster Financial Corporation and Webster Bank, National Association v. IS / ICS INC, FA 16833 (Forum Aug. 11, 2016) noted that "[t]yposquatting is a practice whereby a domain name registrant, such as Respondent, deliberately introduces typographical errors or misspellings into a trademark and then uses the string in a domain name. The conniving registrant wishes and hopes that Internet users will inadvertently type the malformed trademark or read the domain name and believe it is legitimately associated with the target trademark. In doing so, wayward Internet users are fraudulently directed to a web presence controlled by the confusingly similar domain name's registrant." In light of the visual similarity between the <baylavvinjury.com> domain name and Complainant's BAY LAW mark and its own <baylawinjury.com> domain name, it is apparent that the disputed domain name is a typosquatted variation of these assets designed to confuse those who see it into believing that it originates with Complainant, all for Respondent's commercial gain.

 

The use of malicious code has also been held to be a strong indicator of bad faith under the Policy, even where a disputed domain name does not resolve to any website. See, e.g., Bloomberg Finance L.P. v. Shaun Jones, FA 1751367 (Forum Oct. 30, 2017) ("The disputed domain name has been identified in a malicious code found on a compromised corporate system and does not currently resolve to an active domain name."). The Panel references the above-mentioned screenshots of an email diversion rule that includes the <baylavvinjury.com> domain name and that was inserted into the account of the hacked employee. This evidence shows that Respondent is targeting Complainant's mark and gives the clear impression that Respondent is seeking to perpetuate a phishing scheme in which certain incoming emails are hidden from Complainant – likely those from phishing targets who received messages from the hacked account. Based on this evidence of Respondent's activity and its likely use pursue commercial gain for Respondent based on confusion with Complainant's mark, the Panel finds firm ground upon which to conclude that Respondent both registered and uses the disputed domain name in bad faith under Policy ¶ 4(b)(iv).

 

Finally, phishing activity is certainly improper and shows bad faith under the Policy. See EOG Resources, Inc. v. Host Master / 1337 Services LLC, FA 2065425 (Forum Nov. 8, 2023) ("Respondent is using the Disputed Domain Name for the purposes of sending fraudulent emails purporting to impersonate Complainant and one of its named senior employees, for the purposes of phishing allows this Panel to find that the Disputed Domain Name is being used in bad faith."). Here, Complainant notes that, one day after the disputed domain name was registered, one of its employee's email accounts was hacked and the above-mentioned email rule was inserted into its processing of incoming emails. This fits with a strategy where certain emails from customers or business partners are hidden from a complainant so that a nefarious actor (the respondent?) may engage in a phishing scheme without the complainant's immediate knowledge. While Complainant has provided no direct evidence of such activity using the <baylavvinjury.com> domain name, the activity involving the domain name that has been supported with evidence does strongly suggest that phishing activity was Respondent's ultimate goal. Thus, the Panel finds that this further supports its finding of bad faith under Policy ¶ 4(b)(iv).

 

DECISION

Having established all three elements required under the ICANN Policy, the Panel concludes that relief shall be GRANTED.

 

Accordingly, it is Ordered that the <baylavvinjury.com> domain name be TRANSFERRED from Respondent to Complainant.

 

 

 

 

Steven M. Levy, Esq., Panelist

Dated: March 20, 2025