Equifax Inc. successfully obtained the transfer of the domain dicom-equifax.com from Gerardo Munoz. The panel determined the respondent acted in bad faith by configuring MX records to enable email-based phishing, leading to a transfer order.
Case Snapshot
| Case Number | D2026-2123 |
|---|---|
| Complainant | Equifax Inc. |
| Respondent | Gerardo Munoz |
| Disputed Domain | dicom-equifax.com |
| Threat Tactic | Phishing and Email Fraud |
| Decision Date | 2026-06-26 |
| Panelist | Richard C.K. van Oerle |
| Outcome | Transfer |
| Official Source | https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2026-2123 |
Business Risk: Email Infrastructure as a Vector for Fraud
The registration of ‘dicom-equifax.com’ presents a significant risk to Equifax Inc. by facilitating unauthorized email communication. By configuring MX records for the domain, the respondent established an infrastructure capable of sending and receiving emails, a key indicator of potential phishing activity. This tactic enables the creation of fraudulent correspondence that appears to originate from official corporate channels, leveraging the Equifax brand identity to deceive customers or stakeholders. Because the term ‘dicom’ is specifically associated with Equifax’s service offerings in Chile, the domain is uniquely positioned to maximize the efficacy of targeted impersonation campaigns and solicitation fraud.
Beyond immediate phishing threats, the presence of these email capabilities undermines the integrity of Equifax’s client communications. In the absence of any legitimate authorization for the respondent to use the trademark—which the company has protected through over 239 registrations globally—the domain creates a false sense of institutional legitimacy. The respondent’s failure to develop a bona fide website further emphasizes that the primary utility of the domain was likely to remain silent or hidden while operating backend email services. This strategic manipulation of domain configuration poses a persistent risk to brand reputation and consumer trust, as malicious actors can exploit such infrastructure to harvest sensitive information under the guise of the Equifax name.
Legal Analysis: Establishing Bad Faith via Infrastructure-Based Indicators
In the matter of D2026-2123, the panel confirmed that the inclusion of the term ‘dicom’—a service specifically offered by Equifax in the Chilean market—alongside the EQUIFAX trademark actually heightens the potential for consumer confusion. The panel dismissed the addition of a hyphen as irrelevant to the Policy, determining that the domain name is confusingly similar to the Complainant’s marks. Given that Equifax has held its trademark for over 50 years and maintains over 239 registrations globally, the unauthorized integration of service-specific terminology into the disputed domain demonstrates a calculated effort to create an deceptive online presence that mimics official channels.
Regarding the lack of rights or legitimate interests, the panel noted that the Respondent has never been authorized, licensed, or assigned any rights by Equifax to use the trademark. Furthermore, the Respondent failed to establish any bona fide use of the domain, as it remained largely inactive. In the absence of a response from the Respondent, the panel found no evidence to suggest the Respondent was commonly known by the disputed name or had any legitimate reason to incorporate the Complainant’s highly distinctive and arbitrary mark into their own domain registration.
The panel’s decision turned significantly on the Respondent’s configuration of MX records, which facilitated the capability to send and receive emails using the disputed domain. The panel reasoned that such infrastructure is a clear indicator of bad faith, as it creates a substantial possibility that the Respondent intended to facilitate fraudulent phishing schemes. While the case did not require documentation of specific victim losses, the technical capability to impersonate Equifax through email communication was sufficient evidence to support a finding of bad faith registration and use under the Policy.
Strategic Utilization of Technical Infrastructure as Evidence of Bad Faith
The Complainant successfully built a persuasive case by connecting technical domain configuration to clear evidence of bad faith. By highlighting that the Respondent established MX records for ‘dicom-equifax.com’, the Complainant moved beyond simple trademark infringement to demonstrate the infrastructure required for an active phishing operation. This technical detail was critical, as it convinced the panel that the domain was not merely being held passively, but was actively prepared to facilitate deceptive email communication. By leveraging the longstanding reputation of the EQUIFAX mark—supported by over fifty years of consistent usage and extensive global registrations—the Complainant effectively established that any unauthorized use, particularly when combined with service-specific terms like ‘dicom’, served only to misappropriate their established brand identity.
The legal strategy relied heavily on the absence of any legitimate connection between the Respondent and the Equifax brand, bolstered by the Respondent’s failure to participate in the proceedings. By meticulously documenting that no authorization had ever been granted for the use of the EQUIFAX mark, the Complainant minimized the risk of a successful defense. Furthermore, the argument that the inclusion of the ‘dicom’ keyword—a term identified with the Complainant’s specific service offerings—actually exacerbated the potential for consumer confusion allowed the Complainant to preemptively dismantle potential arguments regarding the domain’s benign intent. This holistic approach, linking established trademark longevity with modern indicators of email-based fraud, provided the Panel with a comprehensive basis to order the immediate transfer of the disputed domain.
Practical Recommendations
- Conduct periodic proactive DNS monitoring to detect the configuration of MX records on domains that incorporate your trademark or related service names, even if no active website content is hosted.
- Prioritize UDRP filings against domains that facilitate email infrastructure (MX/SPF/DKIM records) over those with passive landing pages, as these represent an immediate, high-risk threat of customer-facing phishing.
- Document the operational relationship between your trademark and specific secondary keywords (e.g., ‘dicom’) to demonstrate to the panel how the combination in a domain name increases the likelihood of consumer confusion.
- Utilize technical evidence of non-passive infrastructure—such as email service capability—as a primary pillar of your ‘bad faith use’ argument to strengthen the evidentiary basis for a transfer under the UDRP.
- Proactively monitor new domain registrations that pair your brand with regional-specific product names to identify potential phishing hubs before they are utilized in active fraud campaigns.
Frequently Asked Questions (FAQ)
Why was the domain ‘dicom-equifax.com’ considered confusingly similar to Equifax’s trademarks?
The panel determined that the inclusion of the word ‘dicom’—a specific service offered by Equifax in Chile—alongside the ‘EQUIFAX’ mark created a heightened risk of consumer confusion by falsely implying an official connection to the brand’s service offerings.
What evidence proved the respondent lacked rights or legitimate interests in the domain?
Equifax provided evidence that it never authorized the respondent to use its trademark. Furthermore, the respondent failed to use the domain for a bona fide active website and was not commonly known by the name ‘dicom-equifax’, satisfying the criteria for lack of legitimate interest.
How did the respondent’s configuration of the domain demonstrate bad faith?
The respondent configured MX records for the domain, which enables the sending and receiving of emails. The panel ruled this as clear evidence of bad faith, indicating an intent to use the domain as a platform for fraudulent phishing campaigns that impersonate Equifax.
What is the practical outcome of this UDRP decision for the business?
The panel ordered the immediate transfer of ‘dicom-equifax.com’ to Equifax. This success highlights the effectiveness of monitoring technical infrastructure, such as MX records, as a proactive tactic to identify and neutralize potential email-based fraud before active phishing attacks cause significant harm.
Concerned about fake email or invoice fraud?
The unauthorized configuration of MX records on domains mimicking your brand is a primary indicator of phishing intent. Protect your communication channels from impersonation and potential business email compromise.
This case note is for informational purposes only and is not legal advice.



