Complainant is Kimley-Horn and Associates, Inc., United States of America (“United States”), represented by Nelson Mullins Riley & Scarborough, LLP, United States.
Respondent is Abrahim Hashim, United States.
The disputed domain name <kimley-horn.co> is registered with NameSilo, LLC (the “Registrar”).
The Complaint was filed with the WIPO Arbitration and Mediation Center (the “Center”) on May 14, 2019. On May 15, 2019, the Center transmitted by email to the Registrar a request for registrar verification in connection with the disputed domain name. On the same day, the Registrar transmitted by email to the Center its verification response confirming that Respondent is listed as the registrant and providing the contact details.
The Center verified that the Complaint satisfied the formal requirements of the Uniform Domain Name Dispute Resolution Policy (the “Policy” or “UDRP”), the Rules for Uniform Domain Name Dispute Resolution Policy (the “Rules”), and the WIPO Supplemental Rules for Uniform Domain Name Dispute Resolution Policy (the “Supplemental Rules”).
In accordance with the Rules, paragraphs 2 and 4, the Center formally notified Respondent of the Complaint, and the proceedings commenced on May 21, 2019. In accordance with the Rules, paragraph 5, the due date for Response was June 10, 2019. Respondent did not submit any response. Accordingly, the Center notified Respondent’s default on June 11, 2019.
The Center appointed Jeffrey M. Samuels as the sole panelist in this matter on June 18, 2019. The Panel finds that it was properly constituted. The Panel has submitted the Statement of Acceptance and Declaration of Impartiality and Independence, as required by the Center to ensure compliance with the Rules, paragraph 7.
Complainant Kimley-Horn and Associates, Inc. is a planning, engineering and design consulting firm that offers full services in a wide range of disciplines. Since as early as 1967, when the firm was founded, Complainant has used the mark KIMLEY-HORN in connection with its services. Complainant owns two United States trademark registrations (Nos. 2,788,474 and 4,685,771) for its KIMLEY-HORN mark. The registrations issued in 2003 and 2015. Complainant also owns the domain name <kimley-horn.com>, which it has used since April 1996.
Respondent registered the disputed domain name <kimley-horn.co> on April 1, 2019. Within a few days, Respondent, through a series of communications, posed as two of Complainant’s actual employees in order to send phishing emails to one of Complainant’s clients in an effort to obtain payment on an allegedly outstanding invoice. To combat Respondent’s phishing attack, Complainant filed phishing abuse complaints with the registrar, NameSilo. NameSilo determined that Complainant’s phishing abuse complaint had merit and, accordingly, placed the disputed domain name on ClientHold status.
Complainant indicates that it obtained common law rights in the KIMLEY-HORN trademark dating back as early as 1967 and cites its two United States trademark registrations for KIMLEY-HORN as support for the contention that it has rights in such mark. It further contends that the disputed domain name is identical to its mark as the disputed domain name replicates the KIMLEY-HORN mark in its entirety.
Complainant further maintains that Respondent has no rights or legitimate interests in the disputed domain name in issue. It points out that it has not authorized Respondent to use the KIMLEY-HORN mark and that Respondent is not a licensee of the mark. Complainant asserts that Respondent will not be able to establish he is making a bona fide use of the disputed domain name, insofar as the evidence indicates that Respondent used/is using the disputed domain name to impersonate Complainant’s employees in connection with an email phishing attack directed at one of Complainant’s clients. Finally, Complainant alleges that there is nothing to indicate that Respondent has ever been commonly known as “kimley-horn”.
With respect to the issue of “bad faith” registration and use, Complainant refers to prior UDRP panel decisions recognizing that the registration of domain names in furtherance of phishing scams is evidence of bad faith registration and use. According to Complainant, “[t]here can be no doubt that Respondent intentionally chose to register the Domain Name, which is identical to Complainant’s KIMLEY-HORN Mark, with the bad faith intent to create confusion through use of the confusingly similar Domain Name and impersonation of Complainant’s employees to deceive Complainant’s client to perpetuate a fraud.”
Respondent did not reply to Complainant’s contentions.
The Panel finds that the disputed domain name, <kimley-horn.co>, is, for all intents and purposes, identical to the mark KIMLEY-HORN. As noted by Complainant, the disputed domain name incorporates in full the mark. The addition of the country code TLD “.co” (“ccTLD”) does not avoid such a finding.
The Panel further determines that Complainant has rights in the mark KIMLEY-HORN. The evidence establishes that Complainant, through its longstanding use of, and ownership of United States trademark registrations for, the KIMLEY-HORN mark has rights in such mark.
The Panel determines that Respondent has no rights or legitimate interests in the disputed domain name. The use of the domain name for such a fraudulent purpose as phishing, obviously, cannot be held to constitute a bona fide use of the disputed domain name. See CMA CGM v. Diana Smith, WIPO Case No. D2015-1774 (finding that respondent had no rights or legitimate interests in the disputed domain name, holding that “such phishing scam cannot be considered a bona fide offering of goods or services nor a legitimate noncommercial or fair use of the Domain Name.”). There also is no evidence that Respondent is commonly known by the disputed domain name.
The Panel concludes that the disputed domain name was registered and is being used in bad faith. The registration of a domain name in furtherance of phishing scams supports a finding of bad faith registration and use. See BHP Billiton Innovation Pty Ltd. v. Domains By Proxy LLC / Douglass Johnson, WIPO Case No. D2016-0364 (“[T]he use of an email address associated with the disputed domain name, to send a phishing email for the purposes of dishonest activity is in itself evidence that the disputed domain name was registered and is being used in bad faith.”). See also National Westminster Bank plc v. Sites / Michael Vetter, WIPO Case No. D2013-0870 (phishing constitutes bad faith use). The Panel further finds that Respondent clearly knew of Complainant’s mark at the time he registered the disputed domain name.
For the foregoing reasons, in accordance with paragraphs 4(i) of the Policy and 15 of the Rules, the Panel orders that the disputed domain name <kimley-horn.co> be transferred to Complainant.
Jeffrey M. Samuels
Sole Panelist
Date: June 25, 2019