Belgian financial institution Belfius Bank SA successfully secured the transfer of belfius-confirmatie.net. The respondent, located in Morocco, paired the bank’s trademark with the Dutch term for ‘confirmation,’ creating a deceptive domain intended to mimic official banking processes.
Case Snapshot
| Case Number | D2025-4354 |
|---|---|
| Complainant | Belfius Bank SA / Belfius Bank NV |
| Respondent | Moussa Kartaji |
| Disputed Domain | belfius-confirmatie.net |
| Threat Tactic | Brand Plus Keyword |
| Decision Date | 2025-12-25 |
| Panelist | Andrea Cappai |
| Outcome | Transfer |
| Official Source | https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2025-4354 |
Operational Keyword Deception and the Threat to Banking Transaction Integrity
The registration of ‘belfius-confirmatie.net’ represents a strategic application of the ‘brand plus keyword’ tactic, specifically targeting the procedural touchpoints of a financial institution. By appending the Dutch word ‘confirmatie’—which translates to ‘confirmation’—to the BELFIUS mark, the respondent created a domain that mimics official banking communication channels. This linguistic choice is not accidental; it targets Dutch-speaking customers during sensitive transactional moments, such as multi-factor authentication or payment verification. For brand owners in the financial sector, this composition poses a high fraud risk, as it leverages the trust associated with security protocols to potentially solicit credentials or sensitive personal data.
Although the domain was in a state of passive holding at the time of the dispute, resolving only to an inactive page, its existence created an immediate reputational threat. In the banking industry, such domains are frequently utilized for MX-record-based email fraud or spear-phishing campaigns that do not require a public-facing website to be effective. The Complainant’s rapid response, filing the UDRP complaint just over a month after the September 17, 2025, registration, underscores the necessity of proactive monitoring. The lack of any plausible legitimate explanation for an individual in Morocco to register a Dutch-language banking keyword domain further reinforces the inference of bad faith and the intent to disrupt the Complainant’s business operations.
The primary commercial risk identified is the erosion of digital trust through a false impression of association. By reproducing the BELFIUS trademark in its entirety alongside an operational keyword, the domain dilutes the bank’s control over its digital identity. This tactic forces the institution to increase its defensive posture and customer education efforts to prevent identity theft and financial loss. The UDRP panel’s findings highlight that the respondent’s lack of rights or legitimate interests, combined with the reputation of the BELFIUS mark established since 2012, makes the domain a tool for deceptive practices rather than a good faith commercial venture.
Panel Evaluation of Confusing Similarity, Rights, and Bad Faith Registration
The Panel determined that ‘belfius-confirmatie.net’ is confusingly similar to the BELFIUS trademark, which has been registered in the European Union and Benelux since 2012. The legal reasoning centered on the fact that the domain name incorporates the Complainant’s mark in its entirety. The addition of the Dutch term ‘confirmatie,’ meaning ‘confirmation’ within a financial context, does not prevent a finding of confusing similarity. Instead, the Panel found that adding descriptive terms related to the Complainant’s industry often increases the risk of confusion by suggesting an official link to the bank’s internal transactional or security processes.
Regarding rights or legitimate interests, the Complainant successfully argued that the Respondent, an individual based in Morocco, had no authorization to use the BELFIUS mark. The Respondent is not commonly known by the disputed name and has not made any demonstrable preparations to use the domain for a bona fide offering of goods or services. The evidence showed that the domain resolved to an inactive page or an error screen at the time of the complaint. This state of passive holding, combined with the lack of any commercial or non-commercial relationship between the parties, supported the conclusion that the Respondent possessed no legitimate interest in the name.
The Panel inferred bad faith from the extensive reputation of the BELFIUS trademark and the specific composition of the domain name. Given that the bank is a major financial institution in Belgium, the Panel found it highly improbable that the Respondent was unaware of the Complainant’s rights when registering the domain in September 2025. The combination of the trademark with a Dutch banking keyword was viewed as a deliberate attempt to create a false impression of association. This ‘brand plus keyword’ tactic is a hallmark of bad faith, as it targets specific linguistic demographics to facilitate potential phishing or impersonation fraud.
The decision emphasizes that the absence of active website content does not preclude a finding of bad faith under the doctrine of passive holding. The Panel noted the lack of any plausible legitimate explanation for the registration of a domain so closely mimicking an established financial brand. For IP professionals, this case highlights the necessity of rapid response; the Complainant filed the UDRP within approximately one month of the domain’s registration, successfully mitigating the risk of future phishing campaigns that could have leveraged the ‘confirmatie’ keyword to deceive Dutch-speaking customers.
Linguistic Context and Proactive Enforcement Strategy
The Complainant’s strategy effectively leveraged the linguistic significance of the term ‘confirmatie’ to establish a false impression of association. By demonstrating that this Dutch word is inherently linked to official banking confirmation processes, the bank successfully argued that the domain was specifically engineered to deceive its Belgian customer base. The Panelist accepted that the reproduction of the BELFIUS trademark in its entirety remains the dominant element, and that the addition of a descriptive suffix does not mitigate confusing similarity. This highlights a critical tactic for brand owners: identifying how industry-specific or localized keywords combined with a trademark serve as evidence of targeted impersonation, even when the disputed domain is not yet hosting active malicious content.
Proactive monitoring and swift filing were central to the successful outcome, as the Complaint was submitted on October 23, 2025, just over one month after the domain’s registration. By acting before the domain could be deployed in an active phishing campaign, Belfius Bank successfully argued that the Respondent’s passive holding constituted bad faith under the UDRP. The strategy focused on the absence of any plausible legitimate explanation for an individual located in Morocco to register a domain name pairing a prominent Belgian financial mark with a Dutch technical term. This approach underscores the business necessity of protecting digital trust by dismantling deceptive infrastructure before it can be used to erode brand security or facilitate financial fraud against a substantial customer base.
Practical Recommendations
- Monitor domain registrations that pair core trademarks with high-risk transactional keywords in local languages—such as ‘confirmatie’, ‘valideren’, or ‘login’—to identify potential phishing infrastructure before it is weaponized.
- Execute rapid legal responses; filing a UDRP complaint within one month of registration, as demonstrated by the Complainant, effectively prevents bad actors from maturing a ‘passive holding’ domain into an active fraud site.
- Explicitly document the linguistic significance of descriptive terms added to the brand (e.g., Dutch banking terminology) to prove a respondent’s specific intent to target and deceive a localized demographic.
- Leverage the ‘false impression of association’ argument in legal filings where domain composition mimics official company processes, as this supports a finding of bad faith even when the site resolves to an error page.
- Maintain a clear evidentiary record of trademark seniority (e.g., 2012 registrations vs. 2025 domain) to satisfy the bad faith requirement by showing the respondent likely knew of the brand’s reputation prior to registration.
Frequently Asked Questions (FAQ)
Why was the domain ‘belfius-confirmatie.net’ considered confusingly similar to the bank’s trademark?
The panel found that the domain name incorporates the ‘BELFIUS’ mark in its entirety. The addition of the Dutch word ‘confirmatie’ (meaning confirmation) did not distinguish the domain; rather, it reinforced the false impression that the domain was associated with the bank’s official verification or banking processes.
How did the respondent attempt to establish rights to the domain?
The respondent did not provide a formal response to the complaint. Consequently, there was no evidence of any legitimate interest, nor any proof that the respondent was commonly known by the domain name or was preparing to use it for a bona fide business purpose.
What evidence proved the domain was registered and used in bad faith?
The panel inferred bad faith from the high reputation of the BELFIUS trademark combined with the respondent’s failure to use the domain for any active, legitimate purpose. The domain’s composition was clearly intended to mislead internet users into believing it was an official channel of the complainant.
What does this case teach us about the ‘brand plus keyword’ tactic in banking?
This case demonstrates that attackers use localized, context-heavy keywords like ‘confirmatie’ to bypass casual scrutiny from target customers. Even if a domain is held passively (inactive), its potential to facilitate future phishing attacks against bank clients justifies a UDRP transfer to preemptively protect digital trust.
Detected brand-plus-keyword impersonation?
Attackers often pair your trademark with functional keywords like ‘confirmation’ or ‘support’ to deceive customers. If you have identified similar domains targeting your digital infrastructure, contact our team for a UDRP eligibility assessment.
This case note is for informational purposes only and is not legal advice.



