In a WIPO UDRP decision, panelist Zoltán Takács ordered the transfer of three disputed domains—abbcharger.cc, abbcharger.top, and abbcharger.xin—from respondents Zitzki mo and Signa Air Design to ABB Asea Brown Boveri Ltd. The domains previously resolved to identical web pages displaying the ABB mark and requesting user logins before going inactive. The panel ruled that the addition of the descriptive term ‘charger’ did not prevent confusing similarity and constituted bad-faith registration.
Case Snapshot
| Case Number | D2025-5086 |
|---|---|
| Complainant | ABB Asea Brown Boveri Ltd. |
| Respondent | Zitzki mo, Signa Air Design |
| Disputed Domain | abbcharger.ccabbcharger.topabbcharger.xin |
| Threat Tactic | Brand Plus Keyword |
| Decision Date | 2025-01-14 |
| Panelist | Zoltán Takács |
| Outcome | Transfer |
| Official Source | https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2025-5086 |
Credential Harvesting and Impersonation Risks in Targeted Industry-Keyword Domains
Combining a high-equity brand with an industry-specific keyword represents a highly targeted traffic diversion tactic designed to exploit consumer search patterns. In this case, the Respondent coupled the registered trademark ‘ABB’ with the descriptive term ‘charger’ to create three confusingly similar domains: abbcharger.cc, abbcharger.top, and abbcharger.xin. By targeting a term central to the Complainant’s business in power and automation, the Respondent sought to siphon off organic web traffic intended for the official online presence at www.abb.com. This brand-plus-keyword approach exploits consumer intent, positioning the bad-faith domains as legitimate company portals dedicated to charging products.
The primary threat in this dispute manifests as corporate impersonation and potential credential harvesting. Before becoming inactive, the three disputed domains resolved to identical web interfaces that featured the exact match of the stylized red ‘ABB’ mark. Visitors were prompted to submit registration forms or input credentials, specifically an email address and a password. Although the administrative record contains no proof of actual user compromise, direct financial loss, or documented outbound phishing emails, the infrastructure itself was configured to harvest sensitive user login data under a deceptive, high-fidelity corporate facade.
This multi-domain registration campaign also highlights the operational burden of portfolio dilution across generic and country-code top-level domains. By registering variants across .cc, .top, and .xin within a ten-day window in late October 2025, the Respondent distributed the threat across multiple registries. For IP professionals, this highlights the necessity of fast-acting, unified defense strategies. Unregulated lookalike portals not only dilute trademark exclusivity but can systematically erode customer trust when users are funneled through unauthorized credential-capture loops rather than the safe, established channel at www.abb.com.
WIPO Panel Analysis: Confusing Similarity, Rights or Legitimate Interests, and Bad Faith
In evaluating the first UDRP element, Sole Panelist Zoltán Takács applied the standard threshold test comparing the Complainant’s registered trademark with the disputed domains. ABB Asea Brown Boveri Ltd. established rights in its red stylized ‘ABB’ trademark, registered under European Union Trademark Registration No. 002628964 on November 21, 2003. The Panel concluded that the disputed domains—abbcharger.cc, abbcharger.top, and abbcharger.xin—are confusingly similar to the mark. The integration of the descriptive term ‘charger’ alongside the core brand is insufficient to prevent confusing similarity, confirming that brand-plus-keyword tactics do not bypass UDRP standing requirements.
Regarding rights or legitimate interests, the Respondent, identified as Zitzki mo and Signa Air Design, failed to respond to the Complainant’s allegations. The Panel found no evidence that the Respondent possesses any authorization to use the ABB mark or has been commonly known by the disputed names. Instead, the evidence showed that the domains resolved to identical lookalike websites that prominently displayed the exact match of the Complainant’s trademark. Because these resolving pages prompted users for login credentials, such as an email address and password, the Panel determined that the Respondent was not engaged in a bona fide offering of goods or services.
Under the third element, the Panel established that the Respondent registered and used the disputed domains in bad faith. By pairing a famous trademark with a highly relevant sector term (‘charger’), the Respondent targeted the Complainant’s distinct business profile to intentionally divert internet traffic. Operating replica login screens designed to solicit user credentials clearly demonstrates bad-faith exploitation. Although the case record contains no documentation of active outbound phishing emails, proven customer financial losses, or confirmed credential theft, the deceptive setup itself satisfies the criteria for bad faith registration and use under the Policy.
For IP professionals and brand managers, this decision illustrates the strategic necessity of monitoring and rapidly addressing coordinated domain registrations. The Respondent secured three different extensions (.cc, .top, and .xin) within a ten-day window in late October 2025. This coordinated effort highlights how bad actors quickly deploy multiple TLDs to dilute trademark strength and construct credential-harvesting environments. Resolving these registrations through a single consolidated WIPO complaint successfully neutralizes brand threats before measurable operational or financial damage occurs.
Strategic Demonstration of Brand-Plus-Keyword Confusion and Active Credential Harvesting Risk
The Complainant’s strategy succeeded by establishing a clear timeline of priority rights and demonstrating that the addition of descriptive industry terms does not dilute trademark protection. By presenting European Union Trademark Registration No. 002628964 for its stylized red ‘ABB’ mark—registered in November 2003—the Complainant established prior rights over the three disputed domains registered in late October 2025. This foundation allowed the Complainant to successfully argue that incorporating the term ‘charger’ to form ‘abbcharger’ failed to distinguish the disputed domains from the famous mark. The Panel affirmed this, establishing that combining a high-equity industrial brand with a core sector term like ‘charger’ maintains confusing similarity under the first element of the UDRP.
Furthermore, the Complainant’s case was made highly persuasive by documenting the operational behavior of the resolving websites before they became inactive. The Complainant presented evidence that abbcharger.cc, abbcharger.top, and abbcharger.xin resolved to identical websites displaying the Complainant’s exact stylized red mark and requiring users to input email addresses and passwords. While the case record contains no proof that any specific user credentials were stolen or that outbound phishing emails were sent, the documented existence of these lookalike portal interfaces successfully established a severe risk of credential harvesting. This evidence of identical clone sites exploiting a famous brand to capture sensitive user inputs was key to the Panel’s finding of bad-faith registration and use, resulting in an order to transfer the domains.
Practical Recommendations
- Establish automated brand-monitoring alerts that track the core trademark combined with high-value industry terms (such as ‘charger’) across non-traditional generic and country-code top-level domains like .cc, .top, and .xin to detect malicious registrations early.
- Capture and preserve forensic evidence—such as time-stamped screenshots and source code—of any resolving lookalike login interfaces immediately, as evidence of credential-harvesting setups is critical for establishing bad-faith use even if the site is later taken offline.
- Consolidate multiple brand-infringing domains into a single WIPO UDRP complaint when they display identical templates or are registered in close temporal proximity (e.g., within a 10-day window) to optimize legal spend and ensure a unified transfer outcome.
- Integrate proactive domain monitoring feeds with internal IT security teams so that newly registered lookalike domains can be blacklisted on corporate mail servers and firewalls, mitigating the threat of credential harvesting or phishing before a UDRP decision is finalized.
Frequently Asked Questions (FAQ)
Why did the Panel consider the domain names abbcharger.cc, abbcharger.top, and abbcharger.xin to be confusingly similar to the ABB mark?
The Panel determined that the disputed domains are confusingly similar because they incorporate the complainant’s well-known ‘ABB’ mark in its entirety. The addition of the descriptive term ‘charger’ was found insufficient to distinguish the domains from the ABB trademark.
What evidence did the Panel cite to prove the respondent acted in bad faith?
Bad faith was established by the respondent’s use of the domains to host websites that displayed the ABB mark and mimicked the company’s branding. By soliciting user login credentials on these lookalike portals, the respondent demonstrated an intent to exploit the ABB mark for deceptive purposes.
How did the lack of a response from the respondent impact the case outcome?
The respondent failed to reply to the complainant’s contentions or provide any evidence of rights or legitimate interests in the disputed domains. This default, combined with the clear evidence of site imitation, led the Panel to confirm that the respondent had no legitimate interest and had registered the domains in bad faith.
What was the primary security risk posed by these disputed domains?
The domains presented a significant credential harvesting risk. By creating identical-looking interfaces that requested email addresses and passwords, the respondent attempted to trick users into compromising their login credentials, effectively impersonating the ABB corporate identity.
Detected an unauthorized ‘Brand + Keyword’ domain?
Look-alike domains combining your trademark with descriptive industry terms are often used to harvest credentials or divert traffic. Ensure your brand is protected against these impersonation attempts.
This case note is for informational purposes only and is not legal advice.



