MX.com and ᴍx.com look similar, but they are completely different and unrelated domain names. The first is a valuable two letter .com domain name, and the second is a IDN domain name [xn--x-x6l.com]. The registrant of MX.com (MX Technologies, Inc.) filed a UDRP against the ᴍx.com domain name, and the registrant of the IDN prevailed. The UDRP was filed at WIPO and the decision was published this morning.
Here’s what the complainant alleged as the reason it filed the UDRP citing bad faith usage of the domain name:
“As to the registration and use of the disputed domain name in bad faith, the Complainant argues that on March 5, 2019 one of the Complainant’s customers noticed in a security scan, the potential for suspicious activities and notified the Complainant of the disputed domain name (Annex 5 to the Complaint). The Complainant states (but does not annex copy thereof) that it immediately sent an email regarding the registration and use of the disputed domain name but received no reply from the Respondent.
Such bad faith use, under the Complainant’s view is the only use made of the disputed domain name and indicates that the Respondent registered the disputed domain name primarily for the purpose of disrupting the Complainant’s business, and for intentionally attempting to attract, for commercial gain, Internet users to the disputed domain by creating a likelihood of confusion with the Complainant’s MX marks and domain name. Lastly, the retention of a privacy service should be regarded as a bad faith attempt to evade enforcement of the Complainant’s legitimate trademark rights and obstruct these proceedings.”
The respondent in the UDRP made an informal response, but it only stated “that the disputed domain name was no longer his.”
In reaching his decision, the UDRP panelist (Wilson Pinheiro Jabur) reviewed the email submitted by the complainant that appears to have been the cause for concern. In the panelist’s view, the email was not specific to the domain name that was subject to the UDRP but was apparently a general warning about similar domain names. From the decision:
“The evidence submitted by the Complainant (Annex 5 to the Complaint) consists however of an email of March 5, 2019 sent to the Complainant by one of its clients, alerting the Complainant of the disputed domain name therein described as a “suspicious email domain that could affect MX” and further stating that “[w]e’ve seen multiple incidents where a lookalike domain was used to pose as individuals from the organization (usually via email) to commit fraud (payment of manipulated/fraudulent invoices) or trick the recipient into revealing sensitive information via Social Engineering”.
Under this Panel’s view such message appears to be a mere notice of the registration of the disputed domain name and potential risks but does not characterize in itself as an indication of actual suspicious activity being performed at or with the disputed domain name (just the possibility thereof).”
Because the complainant did not appear to submit actual evidence of bad faith on the part of the owner of the IDN domain name, the panelist ruled in favor of the respondent.
I was a bit surprised by the decision, but I can see why the panelist ruled the way he did. I actually think the easier decision would have been to rule in favor of the complainant, but it looks like he made the right call by reviewing the warning email and understanding it was apparently not specific to the IDN domain name. Hopefully the IDN does not get used for any trickery.