5 May, 2026

Active Mail Server Configuration Triggers Domain Transfer in Amadeus Trademark Dispute

UDRP Cases

Amadeus IT Group, S.A. has successfully obtained the transfer of the disputed domain amadeus-net.com. The Respondent registered the domain incorporating the well-known AMADEUS trademark and configured active MX records on the domain, creating an immediate vulnerability for phishing campaigns. The sole WIPO panelist ordered the transfer because the setup indicated a high potential for bad-faith commercial gain and corporate impersonation.

Case Snapshot

Case Number D2025-5039
Complainant Amadeus IT Group, S.A.
Respondent Małgorzata Nowak, Amadeus
Disputed Domain
amadeus-net.com
Threat Tactic Phishing and Email Fraud
Decision Date 2026-03-31
Panelist Kateryna Oliinyk
OutcomeTransfer
Official Source https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2025-5039

Active MX Configurations as Pre-Emptive Infrastructure for Corporate Impersonation

The registration of amadeus-net.com and the subsequent configuration of active mail exchange (MX) records and subdomains present a critical security and reputational vulnerability for the Complainant. By pairing the global travel technology brand AMADEUS with the network term "-net", the domain inherently mimics official corporate communication channels. Although the dispute record does not document actual sent phishing emails or confirmed financial losses, the technical assembly of active MX records allows the domain to function as an active platform for corporate impersonation. For brand owners, this specific configuration poses a severe risk of unauthorized interception of sensitive business inquiries and travel industry communications, threatening to erode trust among customers and business partners who might mistake the channel for an official corporate network.

From a defensive perspective, the Respondent’s procedural conduct failed to offer any credible mitigation against these bad faith indicators. After the WIPO Arbitration and Mediation Center suspended the case to allow for a potential settlement, the Respondent failed to participate or execute the settlement, leading to the reinstitution of the proceedings. Under UDRP jurisprudence, a respondent’s failure to submit a substantive response or cooperate in resolving the dispute through an executed settlement reinforces the panel’s findings of bad faith. IP professionals must recognize that the potential for email-based fraud—substantiated by active MX records—cannot be defended by passive silence or abandoned settlement negotiations, leaving panels with no alternative but to order the transfer of the deceptive infrastructure.

Technical Infrastructure Analysis and Procedural Failures Secure Domain Transfer

The Complainant’s strategy succeeded primarily by shifting the evidentiary focus to the technical preparation of the disputed domain name. Rather than waiting for active security breaches to occur, the Complainant presented concrete technical evidence that the Respondent had configured active mail exchange (MX) records and associated subdomains on amadeus-net.com. Although no actual sent phishing emails or direct financial losses were documented in the decision text, the panelist, Kateryna Oliinyk, ruled that this specific setup established a high potential for email-based phishing and corporate impersonation. For brand owners, this highlights the strategic value of documenting MX configuration records during the UDRP filing stage to establish bad faith registration and use, even when active website content is non-existent.

Furthermore, the Respondent’s procedural actions undermined any potential defense. Following a temporary suspension of the case to explore a settlement, the Respondent, Małgorzata Nowak, failed to participate in the proceedings or execute the settlement, forcing the Center to reinstitute the case. In UDRP proceedings, such non-responsiveness allows panelists to draw adverse inferences from undisputed facts. The Complainant successfully argued that appending the common network term ‘-net’ to its internationally registered AMADEUS trademark did nothing to mitigate confusing similarity or establish legitimate interests, leaving the Respondent with no viable defense against the transfer order.

Practical Recommendations

  • Implement continuous DNS monitoring for newly registered domain names containing core brands, specifically scanning for the activation of Mail Exchange (MX) records and subdomain configurations to detect potential corporate impersonation channels early.
  • In UDRP complaints, present technical evidence of active MX and mail-related DNS records to establish bad faith registration and use, as panels accept the setup of email servers on confusingly similar domains as strong evidence of phishing risk, even without proof of actual sent emails.
  • Securely acquire or defensively register key corporate identifiers appended with common network indicators (e.g., ‘-net’, ‘-it’, ‘-tech’) to prevent bad-faith actors from exploiting these terms to mimic official IT infrastructure.
  • Manage settlement negotiations strategically in domain disputes; if an administrative suspension is granted but the respondent becomes non-responsive, move swiftly to reinstitute the proceeding to minimize the window of vulnerability for active high-risk domains.

Frequently Asked Questions (FAQ)

Why was the domain name ‘amadeus-net.com’ considered confusingly similar to the Amadeus trademark?

The panel found the domain name confusingly similar because it incorporates the protected ‘AMADEUS’ trademark in its entirety. The simple addition of the term ‘-net’ was insufficient to distinguish the domain from the Complainant’s established brand and global presence.

How did the presence of MX records influence the panel’s decision on bad faith?

The configuration of active Mail Exchange (MX) records, combined with the setup of subdomains, provided clear evidence of an intent to facilitate email-based impersonation. The panel concluded that this infrastructure presented a high risk for phishing campaigns targeting the Complainant’s partners and customers.

What impact did the Respondent’s failure to engage in settlement proceedings have on the case?

The Respondent remained entirely non-responsive throughout the legal process, including declining to engage in settlement opportunities after the case was briefly suspended. This lack of participation, alongside the absence of any legitimate rights to the ‘AMADEUS’ mark, strengthened the case for bad faith registration.

Concerned about fake email or invoice fraud?

Active MX records on look-alike domains are a clear signal of impending business email compromise. Learn how WIPO precedents are being used to shut down domains configured for malicious communication before they can be used to target your partners or customers.

Request phishing analysis

Contact us
We will find the best solution for your business

    Thank you for your request!
    We will contact you within 5 hours!
    Image
    This site uses cookies to improve your experience. By continuing, you agree to our Privacy Policy.

    Privacy settings

    When you visit websites, they may store or retrieve data in your browser. This storage is often required for basic website functionality. Storage may be used for marketing, analytics and site personalization purposes, such as storing your preferences. Privacy is important to us, so you can disable certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may affect the performance of the website.

    Manage settings


    Necessary

    Always active

    These cookies are necessary for the website to function and cannot be disabled in our systems. They are usually only set in response to actions you take that constitute a request for services, such as adjusting your privacy settings, logging in, or filling out forms. You can set your browser to block these cookies or notify you about them, but some parts of the site will not work. These cookies do not store any personal information.

    Marketing

    These elements are used to show you advertising that is more relevant to you and your interests. They can also be used to limit the number of ad views and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the permission of the site operator.

    Personalization

    These elements allow the website to remember your choices (such as your username, language or region you are in) and provide enhanced, more personalized features. For example, a website may provide you with local weather forecasts or traffic news by storing data about your current location.

    Analytics

    These elements help the website operator understand how their website works, how visitors interact with the site and whether there may be technical problems. This type of storage usually does not collect information that identifies the visitor.