16 July, 2026

Defending Against Typosquatting and Fake Storefronts

UDRP Cases

Build-A-Bear Workshop, Inc. successfully recovered two typosquatted domains, buildabeare.com and buildabearr.com, via WIPO after the respondent used them to host replica storefronts. The panel ordered the transfer of both domains after finding clear evidence of bad faith and brand impersonation.

Case Snapshot

Case Number D2026-1939
Complainant Build-A-Bear Workshop, Inc.
Respondent ANDREW S BONO
Disputed Domain
buildabeare.combuildabearr.com
Threat Tactic Typo Domains
Decision Date 2026-06-23
Panelist Tobias Malte Müller
OutcomeTransfer
Official Source https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2026-1939

Business Risk: Brand Impersonation and Revenue Diversion through Typosquatting

The registration of ‘buildabeare.com’ and ‘buildabearr.com’ represents a calculated effort to leverage typosquatting for the purpose of brand impersonation. By deploying websites that acted as exact visual replicas of the official Build-A-Bear storefront—complete with the unauthorized use of the company’s logo and trademarks—the respondent created a high-risk environment for consumer deception. This tactic is specifically designed to intercept traffic intended for the legitimate domain, banking on user error to divert potential customers into a fraudulent ecosystem that purports to sell the brand’s merchandise.

Such replica sites pose a significant threat to organizational integrity by eroding consumer trust and facilitating unauthorized commercial gain at the expense of the brand. With $496 million in annual revenue at stake, the capacity for these sites to disrupt authorized sales channels and compromise the brand’s reputation is severe. Although the sites currently resolve to blank pages following enforcement action, their existence illustrates a broader vulnerability wherein typosquatted variations are weaponized to mimic legitimate, high-revenue e-commerce platforms. Proactive identification of these variants is essential to mitigate the risk of financial diversion and to prevent the degradation of brand equity associated with sophisticated imposter storefronts.

Strategic Enforcement Against Typosquatting and Impersonation

The successful recovery of the domains buildabeare.com and buildabearr.com hinged on the complainant’s ability to document the respondent’s deliberate use of visual deception to mirror the official Build-A-Bear digital infrastructure. By capturing screenshots of the fraudulent sites, which prominently displayed the company’s official trademark and logo, the complainant provided the panel with irrefutable evidence of bad faith. This strategy effectively bridged the gap between mere domain ownership and actionable commercial fraud, proving that the respondent’s typosquatted variations were specifically engineered to deceive consumers. Such proactive evidence collection is essential when addressing impersonation, as it converts a speculative claim of confusion into a clear demonstration of intent under the Policy.

Furthermore, the complainant’s strategy utilized its significant global brand presence, supported by a diverse international trademark portfolio, to reinforce its legal standing. By presenting clear evidence of established trademarks in key jurisdictions—including the United States, Europe, and China—the complainant effectively countered any potential claim of respondent legitimacy. This case highlights a critical business lesson regarding portfolio management: while the complainant successfully reclaimed these specific assets, the emergence of multiple typosquatted domains simultaneously emphasizes the need for automated monitoring of common brand misspellings. Integrating such monitoring into a broader defensive domain strategy allows brand owners to preemptively identify and mitigate risks before the respondent can leverage the site to divert revenue or erode consumer trust.

Practical Recommendations

  • Implement automated typo-squatting monitoring services to identify domain registrations containing variations of core brand trademarks within 24 hours of creation.
  • Prioritize defensive registration of high-probability typo-variants (e.g., repeating terminal characters or common keyboard neighbor errors) to close the attack surface before bad-faith actors can act.
  • Develop a standardized ‘Evidence Preservation’ protocol, including high-resolution screenshots and traffic-tracking logs, to be captured immediately upon discovery of a fake shop to support UDRP ‘bad faith’ claims.
  • Integrate registrar WHOIS monitoring into the IP enforcement pipeline to trigger immediate cease-and-desist or UDRP proceedings when anonymous or privacy-shielded registrations appear for brand-related domains.
  • Establish a ‘Rapid Takedown’ framework that combines UDRP filings with ISP/registrar abuse reports to address the active storefronts that precede blank page status, ensuring domain transfer is achieved before the site vanishes.

Frequently Asked Questions (FAQ)

Why were the domain names buildabeare.com and buildabearr.com considered confusingly similar to the Build-A-Bear trademark?

The WIPO panel determined that these domains are purposeful misspellings—or typosquats—of the registered ‘BUILD-A-BEAR’ trademark. Because they incorporate the primary brand name with only minor variations, they create a strong likelihood of confusion for internet users.

What evidence proved the respondent lacked rights or legitimate interests in the disputed domains?

The panel found that the respondent had no authorization to use the Build-A-Bear trademark. Furthermore, the respondent was not commonly known by these names, and the sites were explicitly designed to impersonate the official brand to deceive customers, which disqualifies any claim to a legitimate interest.

How was bad faith established in this specific UDRP case?

Bad faith was proven by the fact that the respondent operated visual replicas of the official Build-A-Bear website, complete with the official logo and brand imagery, clearly aiming to attract users for illicit commercial gain by creating a false association with the complainant.

What does the successful transfer of these domains signify for future enforcement efforts?

The case highlights the effectiveness of proactive monitoring and rapid enforcement. Even when a respondent fails to respond, the UDRP process provides a reliable legal mechanism to recover hijacked domains used for fake storefronts, effectively neutralizing the immediate threat to brand reputation and customer trust.

Detecting and Disarming Look-Alike Domains

As seen in the Build-A-Bear case, typosquatted domains are often the first step in sophisticated impersonation attacks. We can help you identify high-risk domain registrations and monitor your digital perimeter to stop brand abuse before it scales.

Start domain recovery

Contact us
We will find the best solution for your business

    Thank you for your request!
    We will contact you within 5 hours!
    Image
    This site uses cookies to improve your experience. By continuing, you agree to our Privacy Policy.

    Privacy settings

    When you visit websites, they may store or retrieve data in your browser. This storage is often required for basic website functionality. Storage may be used for marketing, analytics and site personalization purposes, such as storing your preferences. Privacy is important to us, so you can disable certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may affect the performance of the website.

    Manage settings


    Necessary

    Always active

    These cookies are necessary for the website to function and cannot be disabled in our systems. They are usually only set in response to actions you take that constitute a request for services, such as adjusting your privacy settings, logging in, or filling out forms. You can set your browser to block these cookies or notify you about them, but some parts of the site will not work. These cookies do not store any personal information.

    Marketing

    These elements are used to show you advertising that is more relevant to you and your interests. They can also be used to limit the number of ad views and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the permission of the site operator.

    Personalization

    These elements allow the website to remember your choices (such as your username, language or region you are in) and provide enhanced, more personalized features. For example, a website may provide you with local weather forecasts or traffic news by storing data about your current location.

    Analytics

    These elements help the website operator understand how their website works, how visitors interact with the site and whether there may be technical problems. This type of storage usually does not collect information that identifies the visitor.