5 May, 2026

WIPO Orders Transfer of buildabearsale.com Deceptive Retail Domain

UDRP Cases

Build-A-Bear Workshop, Inc. successfully secured the transfer of buildabearsale.com after a WIPO panel ruled against a recidivist squatter. The respondent, operating under the name ‘no lar frank’, had configured the domain to host an unauthorized shop displaying Build-A-Bear’s official logo. The sole panelist ordered an immediate transfer of the domain due to bad faith impersonation and lack of legitimate rights.

Case Snapshot

Case Number D2026-1070
Complainant Build-A-Bear Workshop, Inc.
Respondent no lar frank
Disputed Domain
buildabearsale.com
Threat Tactic Fake Stores
Decision Date 2026-04-28
Panelist Saisunder Nedungal Vidhya Bhaskar
OutcomeTransfer
Official Source https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2026-1070

Commercial Impersonation and the Tactical Evasion Strategies of Serial Infringers

The registration of buildabearsale.com highlights a targeted digital exploit that directly threatens consumer trust and brand equity. By combining the distinctive BUILD-A-BEAR trademark with the transactional modifier ‘sale’—and omitting the trademark’s standard hyphens—the registrant specifically targeted high-intent retail traffic. Hosting an unauthorized store featuring the Complainant’s official logo to pass off illegitimate services as authorized channels compromises customer relationships. For brand owners, this tactic creates an immediate risk of traffic diversion, where consumers seeking genuine promotional opportunities are intercepted by unauthorized retail interfaces using misappropriated brand assets.

The operational threat in this dispute is compounded by the fact that the Respondent, operating under the name ‘no lar frank’ out of Manila, Philippines, is a documented repeat offender. This individual has been named as a respondent in at least five other UDRP proceedings involving major global brands, including Valentino, IBM, and Huda Beauty. This pattern of recidivism shows that corporate brands are frequently targeted by coordinated, professionalized operators who exploit commercial terms at scale. To mitigate this threat, intellectual property professionals must look beyond isolated enforcement actions and maintain comprehensive intelligence on repeat actors who programmatically exploit global corporate marks.

Furthermore, the transition of the disputed domain from an active retail counterfeit portal to an inactive ‘DNS address unable to be found’ page following a takedown notice demonstrates a calculated evasion tactic. Threat actors frequently suspend active operations temporarily when confronted with preliminary brand enforcement actions in order to avoid further legal scrutiny or domain transfer. This behavior underscores why administrative hosting-level takedowns are often insufficient on their own. Securing a formal transfer of the underlying domain through the UDRP is necessary to permanently strip serial threat actors of their digital assets and prevent them from reactivating the deceptive site at a later date.

Strategic Evidence and Recidivism Proof Secure Transfer in buildabearsale.com Dispute

Build-A-Bear Workshop, Inc. executed a highly effective evidentiary strategy by meticulously documenting the disputed domain’s active state before issuing a takedown request. Prior to the site’s transition to an inactive status resolving to a DNS error page, the complainant captured evidence of the website’s unauthorized commercial passing off, which displayed the official BUILD-A-BEAR logo and purported to sell the brand’s products. By preserving this critical historical proof of corporate impersonation, the complainant successfully established that the omission of trademark hyphens combined with the commercial modifier ‘sale’ was designed to exploit consumers, rendering the subsequent inactivity of the domain irrelevant to the bad faith determination.

A cornerstone of the complainant’s persuasive case was the exposure of the respondent’s history as a serial cybersquatter. After unmasking the privacy proxy service to identify the registrant as ‘no lar frank’ of Manila, Philippines, the complainant introduced evidence of the respondent’s involvement in at least five prior UDRP proceedings involving major global brands such as Valentino, IBM, Huda Beauty, and Buck Mason. Presenting this clear pattern of abusive registration and trademark targeting built an unassailable case of bad faith, demonstrating to the sole panelist that the registration of buildabearsale.com was part of a systemic, unauthorized domain-squatting operation.

Practical Recommendations

  • Secure comprehensive, time-stamped digital evidence of fraudulent storefronts—including screenshots of official logo misuse and unauthorized product listings—prior to issuing preliminary takedown notices, ensuring bad-faith use remains fully documented even if the respondent subsequently takes the domain inactive.
  • Perform exhaustive background searches on identified registrants during the preparation of a UDRP complaint to identify and cite prior adverse decisions, establishing a clear pattern of abusive registration and recidivism (such as referencing the respondent’s history in disputes involving brands like Valentino, IBM, and Huda Beauty).
  • Establish automated monitoring systems to detect new registrations combining core brand trademarks with high-risk retail modifiers (such as ‘sale’, ‘shop’, or ‘store’) and common typographical variations, including the omission of hyphens from multi-word marks.
  • Incorporate the presence of privacy proxy services (like PrivacyGuardian.org) into risk-scoring models for domain enforcement, prioritizing quick escalation to registrar verification requests when combined with unauthorized brand name usage.

Frequently Asked Questions (FAQ)

Why was the domain buildabearsale.com considered confusingly similar to the official brand?

The WIPO panel determined that the domain was confusingly similar because it incorporates the ‘BUILD-A-BEAR’ trademark in its entirety, merely removing the hyphens and adding the descriptive term ‘sale’ to create a deceptive association with the Complainant’s actual retail activities.

How did the panel determine that the respondent had no legitimate rights or interests in the domain?

The panel found no evidence that the respondent was commonly known by the name or authorized to use the trademark. Furthermore, the respondent’s use of the site to impersonate the brand via logo misuse and unauthorized product offerings constitutes passing off, which cannot establish a bona fide offering of goods or services.

What factors were cited to prove the respondent acted in bad faith?

Bad faith was established by the respondent’s decision to target a globally recognized brand while having a documented history of recidivism, specifically being named as a respondent in at least five previous UDRP proceedings involving other major global companies.

What is the practical outcome and tactical takeaway from this case?

The panel ordered the transfer of the domain to Build-A-Bear Workshop. The case highlights a common tactic where bad actors register trademark-plus-keyword domains to host fake shops, often switching the site to an inactive or ‘DNS not found’ state as a defensive measure following initial enforcement outreach.

Found a fake shop using your brand?

Deceptive storefronts misusing your logos and trade names can erode customer trust and brand equity. Learn how to identify, monitor, and recover domains used for unauthorized e-commerce impersonation.

Request takedown assessment

Contact us
We will find the best solution for your business

    Thank you for your request!
    We will contact you within 5 hours!
    Image
    This site uses cookies to improve your experience. By continuing, you agree to our Privacy Policy.

    Privacy settings

    When you visit websites, they may store or retrieve data in your browser. This storage is often required for basic website functionality. Storage may be used for marketing, analytics and site personalization purposes, such as storing your preferences. Privacy is important to us, so you can disable certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may affect the performance of the website.

    Manage settings


    Necessary

    Always active

    These cookies are necessary for the website to function and cannot be disabled in our systems. They are usually only set in response to actions you take that constitute a request for services, such as adjusting your privacy settings, logging in, or filling out forms. You can set your browser to block these cookies or notify you about them, but some parts of the site will not work. These cookies do not store any personal information.

    Marketing

    These elements are used to show you advertising that is more relevant to you and your interests. They can also be used to limit the number of ad views and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the permission of the site operator.

    Personalization

    These elements allow the website to remember your choices (such as your username, language or region you are in) and provide enhanced, more personalized features. For example, a website may provide you with local weather forecasts or traffic news by storing data about your current location.

    Analytics

    These elements help the website operator understand how their website works, how visitors interact with the site and whether there may be technical problems. This type of storage usually does not collect information that identifies the visitor.