Intrum AB v Jewel Blevins, BlevinsWebArtisans

ARBITRATION

AND

ADMINISTRATIVE PANEL DECISION

Intrum AB v. Jewel Blevins, BlevinsWebArtisans; Princess Garner,
PressPrincess; Zyaire Lowe

Case No. D2024-4934

1. The Parties

The Complainant is Intrum AB, Sweden, represented by Abion GmbH, Switzerland.

The Respondent is Jewel Blevins, BlevinsWebArtisans; Princess Garner, PressPrincess; Zyaire Lowe,

United States of America (“United States” or “U.S.”).1

2. The Domain Names and Registrar

The disputed domain names <intrumturva.com>, <todennusintrum.com>, and <turvaintrum.com> are registered with Nicenic International Group Co., Limited (the “Registrar”).

3. Procedural History

The Complaint was filed with the WIPO Arbitration and Mediation Center (the “Center”) on November 28, 2024. On the same day, the Center transmitted by email to the Registrar a request for registrar verification in connection with the disputed domain names. Also on November 29, 2024, the Registrar transmitted by email to the Center its verification response disclosing registrant and contact information for the disputed domain names which differed from the named Respondent (REDACTED FOR PRIVACY) and contact information in the Complaint.

The Center sent an email communication to the Complainant on December 4, 2024, with the registrant and contact information of nominally multiple underlying registrants revealed by the Registrar, requesting the Complainant to either file separate complaint(s) for the disputed domain names associated with different underlying registrants or alternatively, demonstrate that the underlying registrants are in fact the same entity

1According to the Registrar’s verifications, “Jewel Blevins, BlevinsWebArtisans” is the registrant’s name at the disputed domain name

<todennusintrum.com> WhoIs record; “Princess Garner, PressPrincess” is the registrant’s name at the WhoIs record of the disputed
domain name <intrumturva.com>; and “Zyaire Lowe” is the registrant’s name at the WhoIs record of the disputed domain name
<turvaintrum.com>. In this decision, unless reference is made to any of them separately, all three are collectively named as the
“Respondent”.

page 2

and/or that all domain names are under common control. The Complainant filed an amended Complaint on

December 9, 2024.

The Center verified that the Complaint together with the amended Complaint satisfied the formal
requirements of the Uniform Domain Name Dispute Resolution Policy (the “Policy” or “UDRP”), the Rules for
Uniform Domain Name Dispute Resolution Policy (the “Rules”), and the WIPO Supplemental Rules for
Uniform Domain Name Dispute Resolution Policy (the “Supplemental Rules”).

In accordance with the Rules, paragraphs 2 and 4, the Center formally notified the Respondent of the Complaint, and the proceedings commenced on December 13, 2024. In accordance with the Rules, paragraph 5, the due date for Response was January 2, 2025. The Respondent did not submit any response. Accordingly, the Center notified the Respondent’s default January 9, 2025.

The Center appointed Reyes Campello Estebaranz as the sole panelist in this matter on January 20, 2025.
The Panel finds that it was properly constituted. The Panel has submitted the Statement of Acceptance and
Declaration of Impartiality and Independence, as required by the Center to ensure compliance with the

Rules, paragraph 7.

4. Factual Background

The Complainant is a credit management and financial services company with a strong base in collection operations. It was founded in 1923 in Stockholm, Sweden, and it has been listed on the Stockholm Nasdaq since 2002. Currently, the Complainant employs around 10,000 people in 25 countries and serves around 100,000 customers across Europe.

The Complainant is the owner of numerous INTRUM trademark registrations, including International hereinafter referred as the “INTRUM mark”).

Trademark Registration No. 306639, INTRUM (word), registered on June 14, 1999; and European Union

A prior decision under the Policy has recognized the reputation of the INTRUM mark.2

The Complainant further owns and operates a number of the domain names incorporating its INTRUM mark, including <intrum.com> (registered on April 9, 1996), which resolves to its corporate website.

The disputed domain name <intrumturva.com> (“First Disputed Domain Name”) was registered on October
1, 2024; the disputed domain name <todennusintrum.com> (“Second Disputed Domain Name”) was
registered on October 2, 2024; and the disputed domain name <turvaintrum.com> (“Third Disputed Domain
Name”) was registered on October 10, 2024.

The Second and Third Disputed Domain Names resolve to identical pages that indicate, “Sorry, you have been blocked”. These pages further indicate, “Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution.

There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. What can I do to resolve this? You can email the site owner to let them know you were blocked. Please include what you were doing when this page came up and the Cloudflare Ray ID found at the bottom of this page.” At the end of these sites there is a clicking bottom to get the IP of the user indicating, “Cloudflare Ray ID: 906728aaf9be74de • Your IP: Click to reveal • Performance & security by

Cloudflare”.

2See, e.g., Intrum AB v. Kim Ku, Kimku Host, WIPO Case No. D2024-0246.

page 3

The First Disputed Domain Name resolves to an alert page with red background that marks the site as a “Dangerous site”, and indicates, “Attackers on the site you’re trying to visit might trick you into installing software or revealing things like your password, phone, or credit card number […]”. According to the evidence provided by the Complainant, following several phishing warnings, this disputed domain name eventually resolves to a website indicating, “You are identifying yourself in the service SUOMI.FI”, allegedly a “common identification service for public administration e-services”. This site prompt Internet users to “choose an authentication method”, and, once an authentication method is selected, they are requested to insert sensitive login information, such as username and password.

On October 17, 2024, the Complainant sent a cease and desist communication to the Respondent regarding the First and Second Disputed Domain Names, and the Complainant alleges no response was received from the Respondent.

5. Parties’ Contentions

A. Complainant

The Complainant contends that it has satisfied each of the elements required under the Policy for a transfer of the disputed domain names.

Notably, the Complainant contends that the disputed domain names are confusingly similar to its INTRUM mark, as all three incorporate in its entirety this trademark with the addition of Finnish terms (“turva”, which means protection and/or safety, or “todennus”, which means authentication) related to the Complainant’s

business. The trademark is recognizable within the disputed domain names.

The Complainant further contends the Respondent has no rights or legitimate interests in the disputed domain names. The Respondent has no authorization to use the INTRUM mark and is not affiliated to the Complainant, nor is it commonly known by the disputed domain names. The disputed domain manes incorporate the INTRUM mark together with terms related to the Complainant’s field and carry a risk of implied affiliation that reflects an intention to generate a false affiliation and likelihood of confusion. The passive holding of two of the disputed domain names, and the use of the First Disputed Domain Name to redirect Internet users to a website providing an authentication method, in an attempt to obtain sensitive information (e.g., login details such as username and password), cannot be considered a bona fide offering of goods or services or any legitimate use. The use of a domain name for an illegal activity cannot confer rights or legitimate interests under the Policy.

The Respondent finally contends the disputed domain names were registered and are being used in bad faith. The Complainant and the reputed INTRUM mark enjoy a strong online presence; any search over the Internet for the terms “intrum turva”, “turva intrum”, or “todennus intrum” reveals the Complainant and its trademark. It is therefore inconceivable the Respondent was unaware of their existence when it registered the disputed domain names. The additional terms in the disputed domain names, related to the Complainant’s business, are a further indication of bad faith. The Respondent has intentionally targeted the Complainant and its trademark for taking advantage of their reputation, in an attempt to attract, for commercial gain, Internet users to the Respondent’s websites by creating a false affiliation. Under the doctrine of passive holding, taking into account the circumstances of this case, the non-use of the Second and Third Disputed Domain Names do not prevent a finding of bad faith. The use of the First Disputed Domain Name purportedly for phishing purposes, as well as the Respondent’s lack of response to the Complainant’s cease and desist letter, are further evidence of bad faith.

B. Respondent

The Respondent did not reply to the Complainant’s contentions.

page 4

6. Discussion and Findings

The Complainant has made the relevant assertions as required by the Policy and the dispute is properly within the scope of the Policy. The Panel has authority to decide the dispute examining the three elements in paragraph 4(a) of the Policy, taking into consideration all of the relevant evidence, annexed material and allegations, and performing some limited independent research under the general powers of the Panel articulated, inter alia, in paragraph 10 of the Rules. The Panel will further refer to prior UDRP cases and doctrine where appropriate, as well as various sections of the WIPO Overview of WIPO Panel Views on Selected UDRP Questions, Third Edition (“WIPO Overview 3.0”).

A. Preliminary issue: Consolidation against Multiple Registrants

The amended Complaint was filed in relation to nominally different domain name registrants. The Complainant alleges the domain name registrants are the same entity or related entities and the disputed domain names are under common control, and it requests the consolidation of the Complaint against the multiple disputed domain name registrants.

The disputed domain names’ registrants did not comment on the Complainant’s request.

In addressing the Complainant’s request, the Panel will consider whether (i) the disputed domain names or corresponding websites are subject to common control; and (ii) the consolidation would be fair and equitable to all Parties. WIPO Overview 3.0, section 4.11.2.

As regards common control, the Panel notes that the circumstances of this case show a similar pattern in the disputed domain names that leads to consider they are under a common control. Particularly, the Panel notes (i) the disputed domain names share a similar composition and structure, as all three incorporate the INTRUM mark followed or preceded by an additional term related to the Complainant’s business (“turva”/protection/safety, or “todennus”/authentication); (ii) the disputed domain names were registered with the same Registrar and within a short period of time (October 1-10, 2024); (iii) the use of the disputed domain names is equally similar, two of them resolving to identical pages indicating the sites are blocked, and the other of them to a site marked as dangerous, and all requesting Internet users to provide sensible information; and (iv) the domain names’ registrants used privacy services and provided the same country (United Sates) in the WhoIs records for the disputed domain names, all three using the same name servers and the same IP addresses.

As regards fairness and equity, the Panel sees no reason why consolidation of the disputed domain names in a single proceeding would be unfair or inequitable to any Party.

Accordingly, the Panel decides to consolidate the dispute regarding the nominally different disputed domain name registrants (collectively referred to as “the Respondent”) in a single proceeding.

B. Identical or Confusingly Similar

It is well accepted that the first element functions primarily as a standing requirement. The standing (or threshold) test for confusing similarity involves a reasoned but relatively straightforward comparison between the Complainant’s trademark and the disputed domain name. WIPO Overview 3.0, section 1.7.

The Complainant has shown rights in respect of a trademark or service mark for the purposes of the Policy, namely the INTRUM mark. WIPO Overview 3.0, section 1.2.1.

The Panel finds the mark is recognizable within the disputed domain names. Accordingly, the disputed domain names are confusingly similar to the mark for the purposes of the Policy. WIPO Overview 3.0, section 1.7.

page 5

Although the addition of other terms, here, the Finnish terms “turva” (protection/safety) or “todennus”
(authentication), may bear on assessment of the second and third elements, the Panel finds the addition of
such terms does not prevent a finding of confusing similarity between the disputed domain names and the

INTRUM mark for the purposes of the Policy. WIPO Overview 3.0, section 1.8.

Accordingly, the Panel finds the first element of the Policy has been established.

C. Rights or Legitimate Interests

Paragraph 4(c) of the Policy provides a list of circumstances in which the Respondent may demonstrate rights or legitimate interests in a disputed domain name.

Although the overall burden of proof in UDRP proceedings is on the complainant, panels have recognized that proving a respondent lacks rights or legitimate interests in a domain name may result in the difficult task of “proving a negative”, requiring information that is often primarily within the knowledge or control of the respondent. As such, where a complainant makes out a prima facie case that the respondent lacks rights or legitimate interests, the burden of production on this element shifts to the respondent to come forward with relevant evidence demonstrating rights or legitimate interests in the domain name (although the burden of proof always remains on the complainant). If the respondent fails to come forward with such relevant evidence, the complainant is deemed to have satisfied the second element. WIPO Overview 3.0, section 2.1.

Having reviewed the available record, the Panel finds the Complainant has established a prima facie case that the Respondent lacks rights or legitimate interests in the disputed domain names. The Respondent has not rebutted the Complainant’s prima facie showing and has not come forward with any relevant evidence demonstrating rights or legitimate interests in the disputed domain names such as those enumerated in the Policy or otherwise.

The Panel finds nothing in the record indicating the Respondent may have any rights or legitimate interests in the disputed domain names.

The Panel notes the term “intrum” either alone or in combination with the terms “turva” or “todennus” does not share any similarities with the registrants’ names reveled by the Registrar’s verifications.

The Panel has further corroborated through various searches over the Global Brands Database using the registrant’s names, that the Respondent does not appear to own any registered trademark consisting of or including the terms “intrum”, “intrum turva”, “turva intrum” or “todennus intrum”.3

The Panel further notes the disputed domain names are not used in connection to a bona fide offering of goods or services, but in connection to websites apparently blocked or marked as dangerous sites. In this respect, the Panel notes the disputed domain names’ composition generates an implied affiliation to the Complainant and its trademark by incorporating the INTRUM mark along with terms related to the Complainant’s field of activity. The Panel further notes, according to the evidence in record, the First Disputed Domain Name requests an authentication by Internet users and the other two disputed domain names have been flagged for security reasons, which in all three cases potentially involve an attempt at obtaining personal sensible information. Additionally, the Panel notes the pages linked to the First Disputed Domain Name do not include information about their owner or that of the First Disputed Domain Name, nor do they include any information about their lack of relationship with the Complainant and its trademark.

3Noting in particular the general powers of a panel, it has been accepted that a panel may undertake limited factual research into

matters of public record if it would consider such information useful to assessing the case merits and reaching a decision.
WIPO Overview 3.0, section 4.8.

page 6

The Panel finds the composition and use of the disputed domain names indicates an intention to impersonate the Complainant or one of its affiliated businesses, and generate a false affiliation, which alongside with the potential collection of users’ personal sensible information constitutes an illegal or illegitimate activity that can never confer rights or legitimate interests on the Respondent. Panels have held the use of a domain name for illegal or illegitimate activity, here claimed phishing, impersonation/passing off, or other types of fraud, can never confer rights or legitimate interests on a respondent. WIPO Overview 3.0, section 2.13.1.

Accordingly, the Panel finds the second element of the Policy has been established.

D. Registered and Used in Bad Faith

The Panel notes that, for the purposes of paragraph 4(a)(iii) of the Policy, paragraph 4(b) of the Policy establishes circumstances, in particular, but without limitation, that, if found by the Panel to be present, shall be evidence of the registration and use of a domain name in bad faith.

In the present case, the Panel notes the notoriety and international use of the INTRUM mark since its launch that precedes by many years the registration of the disputed domain names,4 as well as its extensive presence over the Internet.

The Panel has further corroborated through various searches over the Internet for the terms “intrum” “intrum turva”, “turva intrum”, and “todennus intrum”, that, according to the Complainant’s allegations, these searches prominently reveal the Complainant’s business identified by the INTRUM mark.

The Panel further notes the disputed domain names contain the INTRUM mark followed or preceded by Finnish terms related to the Complainant’s field of activity (“turva” or “todennus”, protection/safety and authentication, respectively), which, as such, are closely related to or commonly used in the Complainant’s business. The use of terms that closely correspond to the Complainant’s field of activity increases the risk of confusion or affiliation by Internet users. This circumstance together with all other circumstances of this case, lead the Panel to consider the Respondent likely knew and targeted the Complainant and its INTRUM mark, consciously choosing the composition of the disputed domain names in bad faith at the time of their registration.

Furthermore, according to the evidence provided by the Complainant, the First Disputed Domain Name, after several security warnings, resolves to a website, displaying no information about its lack or relationship with the Complainant and its trademark, which requests Internet users to authenticate themselves providing sensitive personal information. The pages linked to the Second and Third Disputed Domain Names, apparently resolve to sites that were blocked by the server for security reasons. The Panel finds this use, under the present circumstances, points to a fraudulent purpose, and there is, therefore, little doubt that the Respondent intended to earn profit from the confusion created with Internet users. The Respondent used and probably still uses the disputed domain names to take advantage of the Complainant’s reputation and to give credibility to its operations through the incorporation of the Complainant’s INTRUM mark, in bad faith, to the disputed domain names in order to purportedly obtain sensitive valuable information from Internet users.

The use of the disputed domain names to collect users’ personal sensitive information constitutes an illegal or illegitimate activity that constitutes bad faith. Panels have held that the use of a domain name for illegal or illegitimate activity constitutes bad faith. WIPO Overview 3.0, section 3.4.

Additionally, the Panel is also entitled to draw an adverse inference from the failure of the Respondent to respond to the Complainant’s cease and desist communication, as well as to the Complaint and to the factual allegations made by the Complainant.

4 According to the Complaint, the Complainant was founded in 1923, and is listed on the Stockholm Nasdaq since 2002.

page 7

Therefore, the Panel finds the Complainant has established the third element of the Policy.

7. Decision

For the foregoing reasons, in accordance with paragraphs 4(i) of the Policy and 15 of the Rules, the Panel orders that the disputed domain names <intrumturva.com>, <todennusintrum.com>, and <turvaintrum.com> be transferred to the Complainant.

/Reyes Campello Estebaranz/
Reyes Campello Estebaranz
Sole Panelist
Date: January 31, 2025