5 May, 2026

Exploiting Industrial Brands: The ABB Lookalike Domain Dispute

UDRP Cases

In a WIPO UDRP decision, panelist Zoltán Takács ordered the transfer of three disputed domains—abbcharger.cc, abbcharger.top, and abbcharger.xin—from respondents Zitzki mo and Signa Air Design to ABB Asea Brown Boveri Ltd. The domains previously resolved to identical web pages displaying the ABB mark and requesting user logins before going inactive. The panel ruled that the addition of the descriptive term ‘charger’ did not prevent confusing similarity and constituted bad-faith registration.

Case Snapshot

Case Number D2025-5086
Complainant ABB Asea Brown Boveri Ltd.
Respondent Zitzki mo, Signa Air Design
Disputed Domain
abbcharger.ccabbcharger.topabbcharger.xin
Threat Tactic Brand Plus Keyword
Decision Date 2025-01-14
Panelist Zoltán Takács
OutcomeTransfer
Official Source https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2025-5086

Credential Harvesting and Impersonation Risks in Targeted Industry-Keyword Domains

Combining a high-equity brand with an industry-specific keyword represents a highly targeted traffic diversion tactic designed to exploit consumer search patterns. In this case, the Respondent coupled the registered trademark ‘ABB’ with the descriptive term ‘charger’ to create three confusingly similar domains: abbcharger.cc, abbcharger.top, and abbcharger.xin. By targeting a term central to the Complainant’s business in power and automation, the Respondent sought to siphon off organic web traffic intended for the official online presence at www.abb.com. This brand-plus-keyword approach exploits consumer intent, positioning the bad-faith domains as legitimate company portals dedicated to charging products.

The primary threat in this dispute manifests as corporate impersonation and potential credential harvesting. Before becoming inactive, the three disputed domains resolved to identical web interfaces that featured the exact match of the stylized red ‘ABB’ mark. Visitors were prompted to submit registration forms or input credentials, specifically an email address and a password. Although the administrative record contains no proof of actual user compromise, direct financial loss, or documented outbound phishing emails, the infrastructure itself was configured to harvest sensitive user login data under a deceptive, high-fidelity corporate facade.

This multi-domain registration campaign also highlights the operational burden of portfolio dilution across generic and country-code top-level domains. By registering variants across .cc, .top, and .xin within a ten-day window in late October 2025, the Respondent distributed the threat across multiple registries. For IP professionals, this highlights the necessity of fast-acting, unified defense strategies. Unregulated lookalike portals not only dilute trademark exclusivity but can systematically erode customer trust when users are funneled through unauthorized credential-capture loops rather than the safe, established channel at www.abb.com.

Strategic Demonstration of Brand-Plus-Keyword Confusion and Active Credential Harvesting Risk

The Complainant’s strategy succeeded by establishing a clear timeline of priority rights and demonstrating that the addition of descriptive industry terms does not dilute trademark protection. By presenting European Union Trademark Registration No. 002628964 for its stylized red ‘ABB’ mark—registered in November 2003—the Complainant established prior rights over the three disputed domains registered in late October 2025. This foundation allowed the Complainant to successfully argue that incorporating the term ‘charger’ to form ‘abbcharger’ failed to distinguish the disputed domains from the famous mark. The Panel affirmed this, establishing that combining a high-equity industrial brand with a core sector term like ‘charger’ maintains confusing similarity under the first element of the UDRP.

Furthermore, the Complainant’s case was made highly persuasive by documenting the operational behavior of the resolving websites before they became inactive. The Complainant presented evidence that abbcharger.cc, abbcharger.top, and abbcharger.xin resolved to identical websites displaying the Complainant’s exact stylized red mark and requiring users to input email addresses and passwords. While the case record contains no proof that any specific user credentials were stolen or that outbound phishing emails were sent, the documented existence of these lookalike portal interfaces successfully established a severe risk of credential harvesting. This evidence of identical clone sites exploiting a famous brand to capture sensitive user inputs was key to the Panel’s finding of bad-faith registration and use, resulting in an order to transfer the domains.

Practical Recommendations

  • Establish automated brand-monitoring alerts that track the core trademark combined with high-value industry terms (such as ‘charger’) across non-traditional generic and country-code top-level domains like .cc, .top, and .xin to detect malicious registrations early.
  • Capture and preserve forensic evidence—such as time-stamped screenshots and source code—of any resolving lookalike login interfaces immediately, as evidence of credential-harvesting setups is critical for establishing bad-faith use even if the site is later taken offline.
  • Consolidate multiple brand-infringing domains into a single WIPO UDRP complaint when they display identical templates or are registered in close temporal proximity (e.g., within a 10-day window) to optimize legal spend and ensure a unified transfer outcome.
  • Integrate proactive domain monitoring feeds with internal IT security teams so that newly registered lookalike domains can be blacklisted on corporate mail servers and firewalls, mitigating the threat of credential harvesting or phishing before a UDRP decision is finalized.

Frequently Asked Questions (FAQ)

Why did the Panel consider the domain names abbcharger.cc, abbcharger.top, and abbcharger.xin to be confusingly similar to the ABB mark?

The Panel determined that the disputed domains are confusingly similar because they incorporate the complainant’s well-known ‘ABB’ mark in its entirety. The addition of the descriptive term ‘charger’ was found insufficient to distinguish the domains from the ABB trademark.

What evidence did the Panel cite to prove the respondent acted in bad faith?

Bad faith was established by the respondent’s use of the domains to host websites that displayed the ABB mark and mimicked the company’s branding. By soliciting user login credentials on these lookalike portals, the respondent demonstrated an intent to exploit the ABB mark for deceptive purposes.

How did the lack of a response from the respondent impact the case outcome?

The respondent failed to reply to the complainant’s contentions or provide any evidence of rights or legitimate interests in the disputed domains. This default, combined with the clear evidence of site imitation, led the Panel to confirm that the respondent had no legitimate interest and had registered the domains in bad faith.

What was the primary security risk posed by these disputed domains?

The domains presented a significant credential harvesting risk. By creating identical-looking interfaces that requested email addresses and passwords, the respondent attempted to trick users into compromising their login credentials, effectively impersonating the ABB corporate identity.

Detected an unauthorized ‘Brand + Keyword’ domain?

Look-alike domains combining your trademark with descriptive industry terms are often used to harvest credentials or divert traffic. Ensure your brand is protected against these impersonation attempts.

Assess brand threat

Contact us
We will find the best solution for your business

    Thank you for your request!
    We will contact you within 5 hours!
    Image
    This site uses cookies to improve your experience. By continuing, you agree to our Privacy Policy.

    Privacy settings

    When you visit websites, they may store or retrieve data in your browser. This storage is often required for basic website functionality. Storage may be used for marketing, analytics and site personalization purposes, such as storing your preferences. Privacy is important to us, so you can disable certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may affect the performance of the website.

    Manage settings


    Necessary

    Always active

    These cookies are necessary for the website to function and cannot be disabled in our systems. They are usually only set in response to actions you take that constitute a request for services, such as adjusting your privacy settings, logging in, or filling out forms. You can set your browser to block these cookies or notify you about them, but some parts of the site will not work. These cookies do not store any personal information.

    Marketing

    These elements are used to show you advertising that is more relevant to you and your interests. They can also be used to limit the number of ad views and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the permission of the site operator.

    Personalization

    These elements allow the website to remember your choices (such as your username, language or region you are in) and provide enhanced, more personalized features. For example, a website may provide you with local weather forecasts or traffic news by storing data about your current location.

    Analytics

    These elements help the website operator understand how their website works, how visitors interact with the site and whether there may be technical problems. This type of storage usually does not collect information that identifies the visitor.