Equifax Inc. v Domain Admin, DataPoint Limited

ADMINISTRATIVE PANEL DECISION

Equifax Inc. v. Domain Admin, DataPoint Limited

Case No. D2025-0050

1. The Parties

The Complainant is Equifax Inc., United States of America (or “U.S.”), represented by The GigaLaw Firm,

Douglas M. Isenberg, Attorney at Law, LLC, United States of America.

The Respondent is Domain Admin, DataPoint Limited, United States of America.

2. The Domain Name and Registrar

The disputed domain name <fraudalertequifax.com> is registered with Communigal Communications Ltd.

(the “Registrar”).

3. Procedural History

The Complaint was filed with the WIPO Arbitration and Mediation Center (the “Center”) on January 8, 2025.
On January 8, 2025, the Center transmitted by email to the Registrar a request for registrar verification in
connection with the disputed domain name. On January 10, 2025, the Registrar transmitted by email to the
Center its verification response disclosing registrant and contact information for the disputed domain name
which differed from the named Respondent (Unknown) and contact information in the Complaint. The
Center sent an email communication to the Complainant on January 10, 2025, providing the registrant and
contact information disclosed by the Registrar, and inviting the Complainant to submit an amendment to the

Complaint. The Complainant filed an amendment to the Complaint on January 12, 2025,

The Center verified that the Complaint together with the amendment to the Complaint satisfied the formal
requirements of the Uniform Domain Name Dispute Resolution Policy (the “Policy” or “UDRP”), the Rules for
Uniform Domain Name Dispute Resolution Policy (the “Rules”), and the WIPO Supplemental Rules for

Uniform Domain Name Dispute Resolution Policy (the “Supplemental Rules”).

In accordance with the Rules, paragraphs 2 and 4, the Center formally notified the Respondent of the
Complaint, and the proceedings commenced on January 14, 2025. In accordance with the Rules, paragraph
5, the due date for Response was February 3, 2025. The Respondent did not submit any response.
Accordingly, the Center notified the Respondent’s default on February 4, 2025.

page 2

The Center appointed Nels T. Lippert as the sole panelist in this matter on February 12, 2025. The Panel finds that it was properly constituted. The Panel has submitted the Statement of Acceptance and Declaration of Impartiality and Independence, as required by the Center to ensure compliance with the Rules, paragraph 7.

4. Factual Background

The Complainant is a leading global provider of information solutions and human resources business process outsourcing services for business, government, and consumers. It operates in 24 countries in North America, Central and South America, Europe, and the Asia Pacific region. The Complainant employs approximately 11,000 people worldwide. It is a member of Standard & Poor’s (S&P) 500 Index, and its common stock is traded on the New York Stock Exchange (NYSE) under the symbol EFX.

The Complainant owns at least 221 trademark registrations in at least 56 jurisdictions around the world for
marks that consist of or contain the word EQUIFAX, which was first used in commerce and registered in
1975. It owns the following trademarks in the United States of America:

- EQUIFAX: U.S. Reg. No. 1,027,544 (first used in commerce March 4, 1975; registered December 16, 1975) for use in connection with “insurance risk information reporting services concerning potential policy holders”;

- EQUIFAX: U.S. Reg. No. 1,045,574 (first used in commerce March 4, 1975; registered August 3, 1976) for
use in connection with “conducting investigations and reporting on individuals and firms concerning credit,

character and finances…”;

- EQUIFAX: U.S. Reg. No. 1,644,585 (first used in commerce March 4, 1975; registered May 14, 1991) for
use in connection with, inter alia, “providing on-line access to computer databases containing information

relating to applicants for insurance, credit, mortgage loans, and employment”.

The Complainant is the registrant of the domain name <equifax.com>, which was created on February 21,
1995. The Complainant uses the domain name <equifax.com> in connection with its primary website.

The disputed domain name was created on February 7, 2008, and redirected to different websites at different times, including a website that purports to detect a “vulnerability … in the Internet connection.”

5. Parties’ Contentions

A. Complainant

The Complainant contends that it has satisfied each of the elements required under the Policy for a transfer of the disputed domain name.

Notably, the Complainant contends that the disputed domain name is confusingly similar to the Complainant’s EQUIFAX trademark because it contains the entirety of the trademark and the descriptive phrase “fraud alert” does not diminish the confusing similarity. The Complainant further assets that the Respondent has no rights or legitimate interests in the disputed domain name because the Complainant has never assigned, granted, licensed, sold, transferred or in any way authorized the Respondent to register or use the EQUIFAX trademark, and there is no commercial relationship between the Complainant and the Respondent. The Complainant also asserts that the Respondent has never been commonly known by the disputed domain name and has never acquired any trademark or service mark rights in the disputed domain name.

page 3

The Complainant contends that the disputed domain name is or was, at various times, used for illegal activities such as directing to a website that falsely purports to detect a “vulnerability …in the Internet connections” and tries to trick users into installing an app which is reported by a third-party vendor as associated with malware or suspicious activities. The Complainant further argues that the Respondent has

configured Mail Exchange (“MX”) records for the disputed domain name which enables the Respondent to send and receive email with addresses that use the disputed domain name. The Complainant asserts that this is evidence that the Respondent intended or intends to use the disputed domain name to send emails as

part of a fraudulent phishing scheme.

B. Respondent

The Respondent did not reply to the Complainant’s contentions.

6. Discussion and Findings

As noted above, the Respondent did not respond to the Complainant’s allegations. Under the Rules, paragraphs 5(f) and 14(a), the effect of a default by the Respondent is that, in the absence of exceptional circumstances, the Panel shall proceed to a decision on the basis of the Complaint. The Panel does not find any exceptional circumstance in this case.

Paragraph 4(a) of the Policy provides that in order to divest a respondent of a domain name, a complainant must demonstrate each of the following:

(i)The domain name is identical or confusingly similar to a trademark or service mark in which the

complainant has rights; and

(ii)The respondent has no rights or legitimate interests in respect of the domain name; and

(iii)The domain name has been registered and is being used in bad faith.

Under paragraph 15(a) of the Rules, “[a] Panel shall decide a complaint on the basis of the statements and documents submitted and in accordance with the Policy, these Rules and any rules and principles of law that it deems applicable”

In this case, the Panel finds that as a result of the default, the Respondent has failed to rebut any of the reasonable factual assertions that are made and supported by evidence submitted by the Complainant. By defaulting and failing to respond, the Respondent has failed to offer the Panel any of the types of evidence set forth in Paragraph 4(c) of the Policy or otherwise, from which the Panel might conclude that the Respondent has any rights or legitimate interests in the disputed domain name.

Moreover, the Respondent failed to provide any information or reasoning that might rebut the Complainant’s arguments that the Respondent has acted in bad faith.

A. Identical or Confusingly Similar

It is well accepted that the first element functions primarily as a standing requirement. The standing (or threshold) test for confusing similarity involves a reasoned but relatively straightforward comparison between the Complainant’s trademark and the disputed domain name. WIPO Overview of WIPO Panel Views on Selected UDRP Questions, Third Edition, (“WIPO Overview 3.0”), section 1.7.

The Complainant has shown rights in respect of a trademark or service mark for the purposes of the Policy.
WIPO Overview 3.0, section 1.2.1.

page 4

The entirety of the mark is reproduced within the disputed domain name. Accordingly, the disputed domain name is confusingly similar to the mark for the purposes of the Policy. WIPO Overview 3.0, section 1.7.

Although the addition of other terms here, “fraud alert”, may bear on assessment of the second and third elements, the Panel finds the addition of such terms does not prevent a finding of confusing similarity between the disputed domain name and the mark for the purposes of the Policy. WIPO Overview 3.0, section 1.8.

Furthermore, it is well established that the applicable Top-Level Domain (“TLD”) in a domain name is viewed as a standard registration requirement and as such is disregarded under the first element confusing similarity test. WIPO Overview 3.0, section 1.11.

The Panel finds the first element of the Policy has been established.

B. Rights or Legitimate Interests

Paragraph 4(c) of the Policy provides a list of circumstances in which the Respondent may demonstrate rights or legitimate interests in a disputed domain name.

Although the overall burden of proof in UDRP proceedings is on the complainant, panels have recognized that proving a respondent lacks rights or legitimate interests in a domain name may result in the difficult task of “proving a negative”, requiring information that is often primarily within the knowledge or control of the respondent. As such, where a complainant makes out a prima facie case that the respondent lacks rights or legitimate interests, the burden of production on this element shifts to the respondent to come forward with relevant evidence demonstrating rights or legitimate interests in the domain name (although the burden of proof always remains on the complainant). If the respondent fails to come forward with such relevant evidence, the complainant is deemed to have satisfied the second element. WIPO Overview 3.0, section 2.1.

Having reviewed the available record, the Panel finds the Complainant has established a prima facie case that the Respondent lacks rights or legitimate interests in the disputed domain name. The Respondent has not rebutted the Complainant’s prima facie showing and has not come forward with any relevant evidence demonstrating rights or legitimate interests in the disputed domain name such as those enumerated in the Policy or otherwise.

Panels have held that the use of a domain name for illegal activity here, claimed as applicable to this case: phishing, distributing malware, impersonation/passing off, or other types of fraud can never confer rights or legitimate interests on a respondent. WIPO Overview 3.0, section 2.13.1.

The Panel finds the second element of the Policy has been established.

C. Registered and Used in Bad Faith

The Panel notes that, for the purposes of paragraph 4(a)(iii) of the Policy, paragraph 4(b) of the Policy establishes circumstances, in particular, but without limitation, that, if found by the Panel to be present, shall be evidence of the registration and use of a domain name in bad faith.

In the present case, the Panel notes that the Respondent registered and used the disputed domain name in an apparent attempt to attract Internet users for the purposes of illegal activity. The Complainant has presented evidence of such potential illegal activity.

Paragraph 4(b) of the Policy sets out a list of non-exhaustive circumstances that may indicate that a domain name was registered and used in bad faith, but other circumstances may be relevant in assessing whether a respondent’s registration and use of a domain name is in bad faith. WIPO Overview 3.0, section 3.2.1.

page 5