Insured Aircraft Title Service, LLC v Domain Administrator
WIPO Case No. D2022-2280
•11-08-2022
ARBITRATION
AND
| MEDIATION CENTER |
ADMINISTRATIVE PANEL DECISION
Insured Aircraft Title Service, LLC v. Domain Administrator,
See PrivacyGuardian.org / Adam Manku; Steve Aston; Graham Matt;
Shoukry Shokralla; Jean Larry; Robert Peerless
Case No. D2022-2280
1. The Parties
The Complainant is Insured Aircraft Title Service, LLC, United States of America (“U.S.”), represented by
Crowe & Dunlevy, P.C., U.S.
The Respondent is Domain Administrator, See PrivacyGuardian.org, U.S. / Adam Manku, U.S.;
Steve Aston, United Kingdom; Graham Matt, United Kingdom; Shoukry Shokralla, United Kingdom;
Jean Larry, United Kingdom; and Robert Peerless, United Kingdom.
2. The Domain Names and Registrars
The disputed domain names <insuredairccraft.com>, <insuredairccrraft.com>, <insuredaircrafft.com>,
<insuredairrccraft.com>, <insuredairrcrraft.com>, <insureedaircraft.com>, and <lnsuredaircraft.com>
(“the Domain Names”) are registered with NameSilo, LLC (the “Registrar”).
3. Procedural History
The Complaint was filed with the WIPO Arbitration and Mediation Center (the “Center”) on June 22, 2022.
On June 24, 2022, the Center transmitted by email to the Registrar a request for registrar verification in connection with the disputed domain names. Also on June 24, 2022, the Registrar transmitted by email to the Center its verification response disclosing registrant and contact information for the disputed domain names which differed from the named Respondent and contact information in the Complaint.
The Center sent an email communication to Complainant on June 29, 2022 providing the registrant and contact information disclosed by the Registrar, and inviting Complainant to submit an amendment to the Complaint. Complainant filed an amended Complaint on July 1, 2022.
The Center verified that the Complaint together with the amended Complaint satisfied the formal
requirements of the Uniform Domain Name Dispute Resolution Policy (the “Policy” or “UDRP”), the Rules for
Uniform Domain Name Dispute Resolution Policy (the “Rules”), and the WIPO Supplemental Rules for
Uniform Domain Name Dispute Resolution Policy (the “Supplemental Rules”).
page 2
In accordance with the Rules, paragraphs 2 and 4, the Center formally notified Respondent of the Complaint, and the proceedings commenced on July 4, 2022. In accordance with the Rules, paragraph 5, the due date for Response was July 24, 2022. Respondent did not submit any response. Accordingly, the Center notified
Respondent’s default on July 25, 2022.
The Center appointed Marina Perraki as the sole panelist in this matter on July 28, 2022. The Panel finds that it was properly constituted. The Panel has submitted the Statement of Acceptance and Declaration of Impartiality and Independence, as required by the Center to ensure compliance with the Rules, paragraph 7.
4. Procedural Issue: Consolidation of Respondents
The Panel has considered the possible consolidation of the Complaint for the Domain Names at issue.
According to WIPO Overview of WIPO Panel Views on Selected UDRP Questions, Third
Edition (“WIPO Overview 3.0”), section 4.11.2, “Where a complaint is filed against multiple respondents,
panels look at whether (i) the domain names or corresponding websites are subject to common control, and
(ii) the consolidation would be fair and equitable to all parties. Procedural efficiency would also underpin
panel consideration of such a consolidation scenario”.
The registered Respondent for both <insuredaircrafft.com> and <lnsuredaircraft.com> is the same.
The Panel notes the following features of the Domain Names and arguments submitted by Complainant in favor of the consolidation of all the Domain Names:
As Complainant demonstrated, Registrant used each of the Domain Names to create corresponding email addresses which were all used in the same fraudulent impersonation scheme.
Respondent impersonated Complainant’s executives and employees, including the same ones for different
fraudulent email addresses composed of different Domain Names. In each case, per Complaint, sent fraudulent emails using the Domain Names to parties involved in the transaction, providing fraudulent banking or wire instructions in hopes of intercepting funds transferred during the transaction.
Furthermore:
- the email string for the <lnsuredaircraft.com> domain name includes an email from the
<insuredairccrraft.com> domain name at the start of the string and the email body contains virtually identical
language;
- each of the fraudulent emails sent under the email addresses corresponding to the Domain Names
<insuredairccrraft.com>, <lnsuredaircraft.com>, <insuredairrccraft.com>, <insuredairrcrraft.com>, and
<insureedaircraft.com>, includes reference to the acquisition of the exact same Title & Escrow company;
- these emails also include the same language, including the following: “To accommodate this growth and
expansion, we are currently changing our organization structure including our bank account information.”
In addition, the Panel takes into account that:
- although the contact information for <insuredaircrafft.com> and <lnsuredaircraft.com> and the contact
information for <insuredairccraft.com> and <insuredairrccraft.com> refers to different names, the email
contacts for all four domain names use the same <tuta.io> domain;
- the domain names <insuredaircrafft.com>, <lnsuredaircraft.com>, and <insuredairccraft.com> share the same phone number , and this number has a 718 Houston area code and is neither a New York or Great Britain phone number.
page 3
The Panel finds that consolidation of the Domain Names is fair to the Parties, and Respondents have been
given an opportunity to object to consolidation through the submission of pleadings to the Complaint (if
indeed there are more than one Respondent for these Domain Names) but have chosen not to rebut the
consolidation (see WIPO Overview 3.0, sections 4.11.1 and 4.11.2; Virgin Enterprises Limited
v. LINYANXIAO aka lin yanxiao, WIPO Case No. D2016-2302). Based on the file, the Panel finds that it is
more likely than not that, the Domain Names are in common control of one entity, and hence the Panel
grants the consolidation for the above Domain Names (and will refer to these Respondents as
“Respondent”).
5. Factual Background
Complainant, Insured Aircraft Title Service, LLC, was founded in 1963 and is located in Oklahoma City,
Oklahoma, U.S. Complainant has provided worldwide escrow services and title and document recordation
services to the entire aviation industry. It has grown to become one of the world’s largest aircraft title and
escrow companies with clients on every continent. Complainant’s main website is found at
“
Complainant holds the U.S. trademark registration no 4,086,419, INSURED AIRCRAFT TITLE SERVICE, INC. (and design), filed on March 12, 2010 and registered on January 17, 2012, with first use in commerce January 1, 1970, for services in international classes 35 and 36.
The Domain Names were registered on the following dates:
<insuredairccraft.com> on October 18, 2021
<insuredairccrraft.com> on December 19, 2021
<insuredaircrafft.com> on October 25, 2021
<insuredairrccraft.com> on November 23, 2021
<insuredairrcrraft.com> on November 19, 2021
<insureedaircraft.com> on November 3, 2021
<lnsuredaircraft.com> on October 7, 2021
Since the Domain Names were registered, Respondent has repeatedly used the Domain Names for the sole purpose of defrauding businesses by impersonating executives and employees at Complainant, using email addresses based on the Domain Names. The aim per Complaint was to divert funds designated for
transactions involving Complainant to Respondent’s private bank accounts. As examples, Complainant
produced email exchanges as follows:
A. In relation to the Domain Name <insuredairccraft.com> (an extra “c” is presented in the word “aircraft”):
On November 15, 2021, Respondent impersonated an employee and assistant to a senior executive at
Complainant by using the email address […]@insuredairccraft.com to contact one of Complainant’s clients stating “[p]lease find attached wire instructions”, in an attempt to fraudulently divert funds to Respondent’s
bank account. The email address [...]@insuredaicrcraft.com is an example of a “typosquat” on the
employee’s actual email address [...]@insuredaircraft.com.
B. In relation to the Domain Name <insuredaiccrraft.com> (an extra “c” and an extra “r” are presented in the word “aircraft”):
On January 5, 2022, Respondent impersonated a senior executive at Complainant by using the email
address [...]@insuredairccrraft.com to send a notice to Complainant’s client that “we are currently changing
our organization structure including our account information”, providing fraudulent wire instructions to
Complainant’s clients or counterparties.
page 4
C. In relation to the Domain Name <insuredaircrafft.com> (an extra “f” is presented in the word “aircraft”):
On October 22, 2019, Respondent impersonated the President and CEO at Complainant by using the email
address […]@insuredaircrafft.com to send a request to Complainant’s employee asking the employee to
“please make sure this invoice is paid asap”. This email demonstrates, per Complaint, that Respondent had
intercepted an actual invoice and was attempting to impersonate Complainant with the hope of obtaining
fraudulent payment by Complainant.
Furthermore, on October 28, 2021, Respondent impersonated (an employee and assistant to a senior executive at Complainant) by using the email address [...]@insuredaircrafft.com to contact a senior executive
at Complainant, stating “we have changed and updated our escrow banking instructions”, and “[f]or further
information regarding banking instructions, do not hesitate to email us and we will promptly provide them to
you upon your request” in another attempt to impersonate Complainant with the hope of providing fraudulent
wire instruction to Complainant.
D. In relation to the Domain Name <insuredairrccraft.com> (an extra “c” and an extra “r” is presented in the word “aircraft”):
On November 24, 2021, Respondent impersonated an executive at Complainant by using the email address
[…]@insuredairrccraft.com to send a notice to Complainant’s clients regarding Complainant’s bank
accounts. The email notes that “[t]o accommodate this growth and expansion related to the acquisition of
[redacted], we are currently changing our organization structure including our bank account information. For
further information regarding our banking instructions, do not hesitate to email me” in an attempt to
impersonate Complainant with the hope of providing fraudulent wire instructions to Complainant’s clients or
counterparties.
E. In relation to the Domain Name <insuredairrcrraft.com> (two extra “r”s are presented in the word
“aircraft”):
On December 21, 2021, Respondent impersonated an executive at Complainant by using the email address
[...]@insuredairrcrraft.com to send a notice to Complainant’s clients regarding Complainant’s bank accounts.
The email notes that “[t]o accommodate this growth and expansion related to the acquisition of [redacted],
we are currently changing our organization structure including our bank account information. For further
information regarding our banking instructions, do not hesitate to email me” in an attempt to impersonate
Complainant with the hope of providing fraudulent wire instructions to Complainant’s clients or
counterparties.
F. In relation to the Domain Name <insureedaircraft.com> (an extra “e” is presented in the word “insured”):
On November 3, 2021, Respondent impersonated an employee and assistant to a senior executive at
Complainant by using the email address […]@insuredaircrafft.com to send a notice to Complainant’s clients regarding Complainant’s bank accounts. The email notes that “[t]o accommodate this growth and expansion
related to the acquisition of [redacted], we are currently changing our organization structure including our
bank account information”. And “[f]or further information regarding our banking instructions, do not hesitate to email us”. This is yet another attempt to impersonate Complainant with the hope of providing fraudulent
wire instructions to Complainant’s clients or counterparties.
G. In relation to the Domain Name <lnsuredaircraft.com> (the letter “l” has replaced the letter “i” in the word
“insured”):
On March 31, 2020, Respondent impersonated an executive at Complainant by using the email address
[…]@lnsuredaircraft.com to send a notice to Complainant’s clients regarding Complainant’s bank accounts.
The email notes that “our old account is currently being audited and will not be able to receive payment
pending the time this issue is resolved. To avoid delay in transactions, we will provide you our updated bank
account for immediate and future payments” in an attempt to impersonate Complainant with the hope of
page 5
providing fraudulent wire instructions to Complainant’s clients or counterparties.
Furthermore, in January 2022, Respondent impersonated an executive at Complainant by using the email
address […]@lnsuredaircraft.com to send a notice to Complainant’s clients regarding Complainant’s bank
accounts. The email states“[t]o accommodate this growth and expansion related to the acquisition of
[redacted], we are currently changing our organization structure including our bank account information” and
“[f]or further information regarding our banking instructions, do not hesitate to email us” in an attempt to
impersonate Complainant with the hope of providing fraudulent wire instructions to Complainant’s clients or
counterparties.
Per Complaint, this scheme requires Respondent to have knowledge of a pending transaction involving background information regarding these transactions, which is then used to for the fraudulent email.
Complainant, or at least knowledge of parties to a transaction involving Complainant. This suggests that
Currently, the Domain Names lead to inactive websites.
6. Parties’ Contentions
A. Complainant
Complainant asserts that it has established all three elements required under paragraph 4(a) of the Policy for a transfer of the Domain Names.
B. Respondent
Respondent did not reply to the Complainant’s contentions.
7. Discussion and Findings
Paragraph 4(a) of the Policy lists the three elements that Complainant must satisfy with respect to the
Domain Name:
(i) the Domain Name is identical or confusingly similar to a trademark or service mark in which Complainant
has rights; and
(ii) Respondent has no rights or legitimate interests in respect of the Domain Name; and
(iii) the Domain Name has been registered and is being used in bad faith.
A. Identical or Confusingly Similar
Complainant has demonstrated rights through registration and use on the INSURED AIRCRAFT TITLE
SERVICE, INC. mark.
The Panel finds that the Domain Names are confusingly similar with the INSURED AIRCRAFT TITLE
SERVICE, INC. trademark of Complainant.
The Domain Names incorporate the said trademark of Complainant, in its basic elements “Insured Aircraft”,
entirely (with different typographical errors). This is sufficient to establish confusing similarity (Magnum
Piering, Inc. v. The Mudjackers and Garwood S. Wilson, Sr., WIPO Case No. D2000-1525).
page 6
The addition of single letters or change from small to capital letters in the Domain Names does not prevent a finding of confusing similarity as the IATS INSURED AIRCRAFT TITLE SERVICE, INC. mark and in
particular its basic elements “Insured Aircraft” remain clearly distinguishable (WIPO Overview 3.0, section
1.8).
The generic Top-Level Domain (“gTLD”) “.com” is also disregarded, as gTLDs typically do not form part of
the comparison on the grounds that they are required for technical reasons only (Rexel Developpements
SAS v. Zhan Yequn, WIPO Case No. D2017-0275).
The Panel finds that the Domain Names are confusingly similar to the INSURED AIRCRAFT TITLE
SERVICE, INC. trademark of Complainant.
Complainant has established Policy, paragraph 4(a)(i).
B. Rights or Legitimate Interests
Pursuant to paragraph 4(c) of the Policy, Respondent may establish its rights or legitimate interests in the
Domain Name, among other circumstances, by showing any of the following elements:
(i) before any notice to Respondent of the dispute, Respondent’s use of, or demonstrable preparations to
use, the Domain Name or a name corresponding to the Domain Name in connection with a bona fide offering
of goods or services; or
(ii) Respondent (as an individual, business, or other organization) has been commonly known by the Domain
Name, even if it has acquired no trademark or service mark rights; or
(iii) Respondent is making a legitimate noncommercial or fair use of the Domain Name, without intent for
commercial gain to misleadingly divert consumers or to tarnish the trademark or service mark at issue.
The Panel concludes that Respondent lacks rights or legitimate interests in respect of the Domain Names.
Respondent has not submitted any response and has not claimed any such rights or legitimate interests with respect to the Domain Names. As per Complainant, Respondent was not authorized to register the Domain Names.
Prior to the notice of the dispute, Respondent did not demonstrate any use of the Domain Names or a trademark corresponding to the Domain Names in connection with a bona fide offering of goods or services.
On the contrary, as Complainant demonstrated, the Domain Names were used to create email addresses and send emails purportedly of Complainant in the context of a fraud scheme. Use of a domain name for illegal activity can never confer rights or legitimate interests on a respondent (WIPO Overview 3.0,
section 2.13.1).
The Panel finds that these circumstances do not confer upon Respondent any rights or legitimate interests in respect of the Domain Names.
Complainant has established Policy, paragraph 4(a)(ii).
C. Registered and Used in Bad Faith
Paragraph 4(b) of the Policy provides that the following circumstances, “in particular but without limitation”,
are evidence of the registration and use of the Domain Name in “bad faith”:
(i) circumstances indicating that Respondent has registered or has acquired the Domain Name primarily for
the purpose of selling, renting, or otherwise transferring the Domain Name registration to Complainant who is
page 7
the owner of the trademark or service mark or to a competitor of that Complainant, for valuable consideration
in excess of its documented out-of-pocket costs directly related to the Domain Name; or
(ii) that Respondent has registered the Domain Name in order to prevent the owner of the trademark or service mark from reflecting the mark in a corresponding domain name, provided that Respondent has engaged in a pattern of such conduct; or
(iii) that Respondent has registered the Domain Name primarily for the purpose of disrupting the business of
a competitor; or
(iv) that by using the Domain Name, Respondent has intentionally attempted to attract, for commercial gain,
Internet users to Respondent’s website or other online location, by creating a likelihood of confusion with
Complainant’s mark as to the source, sponsorship, affiliation, or endorsement of Respondent’s website or
location or of a product or service on Respondent’s website or location.
The Panel concludes that Respondent has registered and used the Domain Names in bad faith.
Because the INSURED AIRCRAFT TITLE SERVICE, INC. mark had been used and registered by
Complainant before the Domain Names’ registration, the Panel finds it more likely than not that Respondent had Complainant’s mark in mind when registering the Domain Name (Tudor Games, Inc. v. Domain
Hostmaster, Customer ID No. 09382953107339 dba Whois Privacy Services Pty Ltd / Domain Administrator,
Vertical Axis Inc., WIPO Case No. D2014-1754; and Parfums Christian Dior v. Javier Garcia Quintas and
Christiandior.net, WIPO Case No. D2000-0226).
Respondent should have known about Complainant’s rights, as such knowledge is readily obtainable
through a simple browser search (see Caesars World, Inc. v. Forum LLC, WIPO Case No. D2005-0517; and
Compart AG v. Compart.com / Vertical Axis Inc., WIPO Case No. D2009-0462).
Furthermore, Respondent could have conducted a trademark search and would have found Complainant’s
prior registrations in respect of INSURED AIRCRAFT TITLE SERVICE, INC. (Citrix Online LLC v. Ramalinga
Reddy Sanikommu Venkata, WIPO Case No. D2012-1338).
Lastly, the Domain Names were used by Respondent to impersonate Complainant in an email fraud scheme. knowledge of Complainant and its industry.
As regards to bad faith use, Complainant demonstrated that the Domain Names were employed to send fraudulent emails impersonating Complainant.
Use of Complainant’s trademark, logos, corporate name and the names of Complainant’s employees and
executives for a fraudulent email scam evidences that Respondent was obviously aware of Complainant and has deliberately targeted its business. Furthermore, use of a domain name for purposes such as phishing or identity theft, constitutes bad faith use (WIPO Overview 3.0, section 3.4).
Under these circumstances and on this record, the Panel finds that Respondent has registered and is using the Domain Names in bad faith.
Complainant has established Policy, paragraph 4(a)(iii).
page 8
8. Decision
For the foregoing reasons, in accordance with paragraphs 4(i) of the Policy and 15 of the Rules, the Panel
orders that the disputed domain names, <insuredairccraft.com>, <insuredairccrraft.com>,
<insuredaircrafft.com>, <insuredairrccraft.com>, <insuredairrcrraft.com>, <insureedaircraft.com>, and
<lnsuredaircraft.com> be transferred to Complainant.
/Marina Perraki/
Marina Perraki
Sole Panelist
Date: August 11, 2022
0
0
0