ALSTOM recovered the domain alstorngroup.net after a respondent registered the typo-variant to host industry-related pay-per-click links. The WIPO panel found the registration was a deliberate attempt to exploit the ‘Alstom Group’ corporate identity and ordered a full transfer.
Case Snapshot
| Case Number | D2026-0976 |
|---|---|
| Complainant | ALSTOM |
| Respondent | Diana iulia, Hedonova LLC |
| Disputed Domain | alstorngroup.net |
| Threat Tactic | Typo Domains |
| Decision Date | 2026-04-17 |
| Panelist | Francisco Castillo-Chacón |
| Outcome | Transfer |
| Official Source | https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2026-0976 |
Exploitation of Corporate Identifiers and B2B Procurement Traffic
The registration of alstorngroup.net represents a calculated attempt to exploit the "Alstom Group" corporate identity through typographical mimicry. By substituting the letter ‘m’ with the character combination ‘rn’, the respondent created a domain that is visually confusing to users, especially within industrial procurement channels where the "Alstom Group" name is a primary identifier for subsidiaries and employee email communications. This tactic specifically targets gaps in a brand’s defensive registration strategy by combining a well-known trademark with a common descriptive term ("group") in the .net Top-Level Domain (TLD), which is frequently perceived by corporate users as a legitimate alternative for infrastructure and networking services.
Beyond mere brand dilution, the initial use of the domain to host pay-per-click (PPC) links creates direct commercial risks through the diversion of high-value B2B traffic. The presence of links for "Global Sourcing," "Industrial Equipment Supplies," and "Industrial Automation" demonstrates an intentional effort to siphon traffic from users seeking ALSTOM’s rail and transport services. This diversion not only redirects potential procurement partners to third-party industrial suppliers but also compromises the integrity of the Complainant’s digital ecosystem. Even though the domain later transitioned to an inactive parking page, the panel recognized that such passive holding, when combined with the deliberate mimicry of a famous mark and a failure to respond to cease-and-desist efforts, indicates a persistent threat of future unauthorized use or potential impersonation fraud.
Panel Reasoning: Typographical Mimicry and Intentional Targeting of Corporate Identifiers
The Panel applied the standard threshold test for confusing similarity, determining that the disputed domain name, alstorngroup.net, is visually and aurally similar to the ALSTOM trademark. The registration utilizes a deliberate typographical mimicry, substituting the letter ‘m’ with the characters ‘rn’ followed by the descriptive term ‘group’. This specific typo-variant is particularly deceptive in various digital fonts where ‘rn’ closely resembles ‘m’, potentially leading users to believe they are navigating to a legitimate site belonging to the Alstom Group. Under the first element of the UDRP, such subtle modifications do not prevent a finding of confusing similarity when the underlying mark remains the recognizable core of the domain.
Regarding rights or legitimate interests, the Complainant established a prima facie case that the Respondent possesses no authorization or affiliation with the French rail giant. The Respondent failed to provide any evidence of a bona fide offering of goods or services, nor were they commonly known by the disputed name. Instead, the evidence showed the domain was initially used to host pay-per-click links for ‘Global Sourcing’ and ‘Industrial Equipment Supplies’—sectors directly related to the Complainant’s business. This commercial exploitation of another’s trademark to divert procurement traffic to third-party competitors precludes any claim to a legitimate interest under the Policy.
The finding of bad faith was centered on the Respondent’s intentional attempt to attract Internet users for commercial gain by creating a likelihood of confusion. The Panelist noted that given the global fame of the ALSTOM mark and its established presence since 1928, the Respondent likely knew of the mark at the time of registration in January 2026. This intent is further evidenced by the mimicry of the ‘Alstom Group’ identifier, which the Complainant uses for its subsidiaries and internal email addresses. The Respondent’s failure to reply to the cease-and-desist letter sent on February 5, 2026, and the subsequent shift to a passive parking page, reinforced the conclusion that the registration was motivated by bad faith.
For brand owners, this case highlights a critical portfolio gap involving the .net TLD and corporate identifiers. The Respondent targeted the ‘Alstom Group’ nomenclature, a specific identifier used for B2B communications and employee emails, rather than just the core brand name. This tactic increases the risk of impersonation and traffic diversion within industrial procurement channels. The lack of response from the Respondent during the procedural timeline allowed the Panel to draw adverse inferences, yet the burden remained on the Complainant to prove the targeting of their specific industry keywords in the PPC links, which was successfully demonstrated.
Strategic Exploitation of Corporate Identifiers and Industry-Specific Evidence
ALSTOM successfully secured the transfer of the disputed domain by demonstrating that the respondent’s registration of alstorngroup.net was a calculated attempt to mimic the specific Alstom Group corporate identifier used for subsidiaries and employee email addresses. By providing documented evidence of pay-per-click links active between February and March 2026—specifically those referencing Global Sourcing and Industrial Equipment Supplies—the complainant established a direct link between the typo-variant and its own industrial sector. This industry-specific targeting proved that the respondent intended to attract B2B procurement traffic by creating a likelihood of confusion with the ALSTOM trademark, which is a well-known identifier in the rail and transport sectors with global registrations dating back to 1998.
The persuasiveness of the case was reinforced by the visual similarity of the ‘rn’ typographical addition, which the panel noted would likely be read by internet users as the letter ‘m’. Furthermore, the complainant’s proactive strategy in sending a cease-and-desist letter on February 5, 2026, and documenting the respondent’s subsequent failure to reply, provided necessary evidence of bad faith. Even though the domain later resolved to an inactive parking page, the evidence of prior commercial use through industry-related links prevented the respondent from claiming a lack of commercial intent. This highlights how forensic monitoring of domain resolution changes can be a critical factor for brand owners when the respondent attempts to hide earlier infringing activity through passive holding.
Practical Recommendations
- Prioritize monitoring for character-substitution typos such as ‘rn’ for ‘m’ or ‘cl’ for ‘d’, as these visual look-alikes are highly effective at deceiving B2B procurement teams and bypassing simple string-match filters.
- Perform a defensive audit and registration of the ‘[Brand]Group’ string across all major TLDs (.com, .net, .fr) if that specific corporate identifier is used for subsidiary naming or employee email architecture.
- Implement automated web-crawling to archive Pay-Per-Click (PPC) landing pages immediately upon detection, as bad-faith actors frequently pivot to ‘passive holding’ once a Cease-and-Desist letter is received to hide evidence of commercial exploitation.
- Expand domain monitoring to include combinations of the brand name with high-value industry keywords (e.g., ‘sourcing’, ‘industrial’, ‘automation’) to preempt the diversion of specialized B2B traffic to competitors.
- Conduct a TLD gap analysis specifically for the .net extension for all core corporate identifiers; as demonstrated in this case, the use of .net for corporate-sounding domains poses a significant risk for email-based impersonation.
Frequently Asked Questions (FAQ)
Why was the domain ‘alstorngroup.net’ considered confusingly similar to the ALSTOM trademark?
The WIPO panel determined that ‘alstorngroup.net’ is confusingly similar because it incorporates the protected ALSTOM mark with a minor typographical substitution (‘rn’ instead of ‘m’) combined with the term ‘group,’ which directly mimics the Complainant’s established corporate identifier used across its subsidiaries.
What evidence established the Respondent’s lack of rights or legitimate interests in the domain?
The panel found that the Respondent had no authorization to use the ALSTOM mark and provided no evidence of a bona fide offering of goods or services. The domain was used solely to host pay-per-click links for industrial equipment and later sat as an inactive parking page, neither of which constitutes a legitimate interest.
How did the panel conclude that the Respondent acted in bad faith?
Bad faith was proven by the Respondent’s deliberate effort to attract internet traffic for commercial gain through typographical mimicry of a famous mark. This was further reinforced by the Respondent’s failure to respond to a cease-and-desist letter and the use of links specifically targeting the Complainant’s industrial business sector.
What is the primary business risk associated with this type of domain registration?
This case highlights the risk of brand dilution and traffic diversion where unauthorized parties register typo-variants of corporate identifiers. Such domains can redirect B2B procurement traffic to third-party competitors or unauthorized suppliers, potentially damaging brand reputation and creating risks for future corporate impersonation.
Is your brand portfolio vulnerable to typosquatting?
The ALSTOM case highlights how attackers use subtle domain misspellings to siphon B2B traffic. If your brand relies on corporate identifiers, perform a proactive audit to identify and neutralize look-alike domains before they are weaponized.
This case note is for informational purposes only and is not legal advice.



