Bolloré SE successfully secured the transfer of three domain names containing its BOLLORÉ mark and the keyword ‘finrevoux’. The panel cited the configuration of MX servers and the use of the domains for unrelated cryptocurrency services as clear evidence of bad faith registration and use.
Case Snapshot
| Case Number | D2025-4764 |
|---|---|
| Complainant | BOLLORE SE |
| Respondent | Affing, AffDerrendinger ANNEMARIE |
| Disputed Domain | bollore-finrevoux.combollorefinrevoux.combollorefinrevoux.net |
| Threat Tactic | Brand Plus Keyword |
| Decision Date | 2026-01-09 |
| Panelist | WiIliam A. Van Caenegem |
| Outcome | Transfer |
| Official Source | https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2025-4764 |
MX Server Configuration and Financial Impersonation Risks
The registration of ‘bollore-finrevoux.com’ with active MX servers represents a direct threat of business email compromise (BEC). For a conglomerate like Bolloré SE, which reported 3 billion Euros in revenue in 2024, the technical capability to send emails from a domain incorporating the BOLLORÉ trademark allows for the creation of highly credible fraudulent communications. The panel noted that the configuration of email servers for a domain featuring a famous mark, where no legitimate interest exists, is evidence of bad faith intent. This infrastructure enables the respondent to potentially target the Complainant’s 3,204 employees or its global client base with phishing or fraudulent invoicing schemes that appear to originate from an official source.
The unauthorized association of the BOLLORÉ mark with cryptocurrency services introduces severe reputation and brand dilution risks. Before deactivation, the disputed domains resolved to sites promoting crypto-related services, a tactic that exploits the trust built by the Complainant since its initial trademark registrations in 1998. The use of the suffix ‘finrevoux’—a term suggesting financial or investment activity—heightens the risk of passing off, as users may reasonably believe these domains represent an authorized financial division of the Bolloré Group. This unauthorized entry into the volatile cryptocurrency sector could mislead investors and stakeholders, creating a perceived association with high-risk financial products that the Complainant does not endorse.
The coordinated registration of three domains within a single 24-hour window indicates a professionalized attempt to intercept traffic across multiple TLDs, including .com and .net. By utilizing varied registrars and privacy shields, the respondent increased the administrative complexity of enforcement. However, the identical structure of the domains and their shared use for cryptocurrency promotion allowed for a successful consolidation of the proceedings. This pattern of behavior demonstrates that the threat was not an isolated incident but a strategic effort to capture digital real estate associated with the BOLLORÉ brand, necessitating a comprehensive UDRP response to prevent the continued exploitation of the conglomerate’s corporate identity.
Analysis of Confusing Similarity, Legitimate Interests, and Bad Faith
The Panel confirmed that the three disputed domains are confusingly similar to the Complainant’s BOLLORÉ trademark because they incorporate the mark in its entirety. The addition of the term ‘finrevoux’ does not distinguish the domains from the trademark, as the BOLLORÉ mark remains the dominant and recognizable element. From a legal perspective, the Respondent’s failure to provide Whois information that corresponded to the domain names or the term ‘finrevoux’ reinforced the conclusion that they were not commonly known by the disputed names, satisfying the requirements for a finding of confusing similarity.
Regarding rights or legitimate interests, the use of the domain ‘bollore-finrevoux.com’ to promote cryptocurrency services was found to be illegitimate. Because Bolloré SE operates primarily in transportation, logistics, and communications, the Respondent’s association of the mark with unrelated and volatile financial services constitutes an attempt to trade on the established reputation of the Complainant. For the domains that remained inactive, the Panel found no evidence of a demonstrable plan for bona fide use, determining that the Respondent failed to establish any rights or legitimate interests in the BOLLORE-themed strings.
The bad faith finding centered on the configuration of MX servers for ‘bollore-finrevoux.com’, a technical setup that enables the domain to be used for email services. The Panel determined that such configuration, when combined with a famous mark, strongly implies an intent to facilitate email fraud or phishing. Even without documented proof of sent messages, the capability to send emails from a domain that mimics a conglomerate with over 3,204 employees creates an unacceptable risk of corporate impersonation. This technical evidence, coupled with the registration of three similar domains in a single day, demonstrates a clear bad faith intent.
For IP professionals, the decision highlights the utility of consolidation when a respondent utilizes different registrars and TLDs. The Panel noted that the common registration patterns—using the BOLLORÉ mark plus a specific keyword—indicated a unified scheme to exploit the Complainant’s brand. Furthermore, the application of the passive holding doctrine remains a robust tool for brand owners when dealing with famous marks, as the Panel found it impossible to conceive of any good-faith use for domains that combine a well-known trademark with fictitious financial terms.
Strategy Breakdown: Procedural Consolidation and Technical Evidence of Bad Faith
The Complainant’s strategy effectively leveraged procedural consolidation to address three disputed domains registered across different registrars within a 24-hour window in November 2025. By demonstrating that the domains shared a common naming structure—combining the protected BOLLORÉ mark with the keyword ‘finrevoux’—and identifying overlapping registrant information, the Complainant established a unified pattern of conduct. This approach allowed the panel to view the registrations as a coordinated attempt to exploit the French conglomerate’s reputation, which includes a 2024 revenue of 3 billion Euros and international trademark protections dating back to 1998. The panel accepted that such temporal and structural proximity made it inconceivable that the registrations were coincidental, facilitating a streamlined enforcement action that covered multiple TLDs simultaneously.
Persuasive technical evidence regarding MX server configuration served as a primary pillar for establishing bad faith intent under the UDRP. The Complainant highlighted that ‘bollore-finrevoux.com’ was specifically configured with MX records, making the domain capable of sending and receiving emails. The panel found that the configuration of email servers for a domain incorporating a famous mark is strong evidence of a bad faith intent to facilitate email fraud or impersonation. Furthermore, the documented use of the domains to promote unrelated cryptocurrency services prior to deactivation reinforced the lack of legitimate interest. This combination of technical preparedness for potential phishing and the unauthorized association with the volatile crypto sector provided the panel with clear indicators of bad faith, even where some domains were being passively held without active web content.
Practical Recommendations
- Implement automated DNS monitoring to detect the configuration of MX (mail) records on infringing domains, as panels increasingly view active mail servers as definitive evidence of bad faith intent for fraud even in the absence of a live website.
- Utilize ‘pattern of registration’ evidence—such as domains registered within a 24-hour window using identical keyword structures—to consolidate multiple disputes into a single UDRP proceeding, even if they involve different registrars.
- Document and present evidence of ‘sector mismatch’ when a domain is used for unrelated high-risk industries like cryptocurrency, as this effectively negates respondent claims of rights or legitimate interests under the Policy.
- Leverage the ‘famous mark’ doctrine in complaints involving passive holding to satisfy the bad faith requirement, particularly when it is impossible to conceive of any good-faith use for a domain combining a famous brand with a financial keyword.
- Capture and preserve screenshots of infringing content immediately upon discovery, as the deactivation of a site (e.g., crypto-related pages) by the respondent does not moot a bad faith finding if previous unauthorized use can be proven.
Frequently Asked Questions (FAQ)
Why did the panel find that the addition of ‘finrevoux’ to the BOLLORÉ mark still resulted in confusingly similar domains?
The panel determined that incorporating the famous BOLLORÉ trademark in its entirety is sufficient to establish confusing similarity, regardless of the addition of the fictitious term ‘finrevoux’, as it does not sufficiently distinguish the domains from the Complainant’s brand.
How did the respondent’s technical configuration of the domains contribute to the finding of bad faith?
The configuration of MX servers on the disputed domain ‘bollore-finrevoux.com’ was cited by the panel as clear evidence of bad faith, as it enabled the potential for email fraud or business email compromise, which cannot be considered a legitimate use of the trademark.
What evidence did the panel use to demonstrate the respondent’s lack of legitimate rights to the domains?
The panel observed that the respondent used the domains to promote unrelated cryptocurrency services or left them as inactive websites, and failed to provide any response or evidence demonstrating they were commonly known by or authorized to use the BOLLORÉ trademark.
What was the tactical significance of consolidating these three domains into a single proceeding?
Consolidation was successful because the domains were registered within one day of each other, shared the same naming structure (‘Bolloré’ plus ‘finrevoux’), and were linked to the same entity, allowing the panel to address the common pattern of abusive registration collectively.
Found a brand-plus-keyword impersonation domain?
Abusive domains combining your mark with seemingly random keywords are often a precursor to email fraud or phishing. If you’ve identified domains mirroring your brand structure, our UDRP assessment can help determine the viability of a transfer action.
This case note is for informational purposes only and is not legal advice.



