Byoma Limited successfully recovered byomay.com and byomay.shop after a Chinese respondent used the domains to host a fake webstore. The site impersonated Byoma’s official site using stolen photography and corporate livery to phish for user contact information under the guise of offering discounts.
Case Snapshot
| Case Number | D2026-1050 |
|---|---|
| Complainant | Byoma Limited |
| Respondent | xiao kaihuan |
| Disputed Domain | byomay.shop |
| Threat Tactic | Fake Stores |
| Decision Date | 2026-04-29 |
| Panelist | Sebastian M.W. Hughes |
| Outcome | Transfer |
| Official Source | https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2026-1050 |
Fraudulent Impersonation and Consumer Data Risks
The use of the disputed domain byomay.com posed a direct threat to Byoma Limited’s brand equity through the unauthorized appropriation of its proprietary visual identity. By resolving the domain to a site that prominently featured the registered BYOMA trademark alongside the Complainant’s specific corporate livery and professional photography, the Respondent created a deceptive digital environment. This systematic impersonation allowed the Respondent to exploit the reputation of the Scottish skincare brand to divert internet traffic toward an illegitimate fake shop. For brand owners and IP professionals, this tactic illustrates a high-risk scenario where high-quality marketing assets are weaponized to lend a veneer of authenticity to malicious platforms, making it difficult for consumers to distinguish between the official brand and a fraudulent Chinese-operated impersonator.
Beyond the visual deception, the operation of the fake shop presented acute risks to customer data security and long-term consumer trust. The Respondent utilized the lure of purportedly discounted products to attract visitors, subsequently inviting them to provide personal contact information on the website. The Panelist specifically noted that this activity was likely intended for phishing or other unlawful conduct. This creates a two-fold business threat: the immediate exposure of loyal customers to data harvesting and the subsequent erosion of brand reliability. When consumers experience fraud—whether through data theft or the potential non-delivery of items—the resulting negative associations often attach to the primary brand name. This case highlights that typosquatting domains, such as the ‘byomay’ variant, are frequently leveraged as functional tools for fraud, necessitating rapid UDRP enforcement to protect the integrity of the customer-brand relationship.
Panel Reasoning: Analysis of Typosquatting, Impersonation, and Phishing Risks
The Panel applied the established threshold test for confusing similarity, treating the first element of the Policy primarily as a standing requirement. Byoma Limited established its rights through its United Kingdom trademark registration for BYOMA (No. 3610176), which was registered on August 6, 2021, prior to the registration of the disputed domain. The disputed domain, byomay.com, incorporates the mark in its entirety with the addition of the single letter ‘y’ at the suffix. The Panelist found that this slight modification did not prevent a finding of confusing similarity, as the mark remains clearly recognizable within the domain structure.
In evaluating rights or legitimate interests, the Panelist, Sebastian M.W. Hughes, observed that the Respondent had no authorization to use the BYOMA mark and was not commonly known by the disputed name. The evidentiary record demonstrated that the domain resolved to an English-language website that impersonated the Complainant’s official site, utilizing its protected corporate livery and professional brand photography. Under WIPO Overview 3.1, section 2.13.1, the use of a domain name for illegal purposes, such as impersonation or hosting a fake shop, can never confer rights or legitimate interests on a respondent. The Panel concluded that the Respondent’s use of the mark was designed to deceive consumers rather than for any bona fide commercial purpose.
The finding of bad faith registration and use was predicated on the Respondent’s deliberate targeting of the Scottish skincare brand. The Panel noted that the Respondent registered the domain on February 5, 2026, and immediately used it to host a site offering discounted products to lure traffic. A critical factor in this determination was the website’s request for personal contact information from users, which the Panelist identified as a likely indicator of phishing or other unlawful conduct. Under paragraph 4(b) of the Policy, the intentional attempt to attract users for commercial gain by creating a likelihood of confusion with the Complainant’s mark constitutes bad faith.
This decision underscores the legal weight given to the misappropriation of corporate imagery in UDRP proceedings. The Respondent’s failure to submit a response allowed the Panel to draw adverse inferences from the uncontested evidence of impersonation. For brand owners, this case reinforces that demonstrating ‘unlawful conduct’—such as the creation of a fake shop with phishing potential—effectively negates any claim to legitimate interest. The rapid recovery of the domain successfully mitigated direct revenue diversion and protected the Complainant’s brand equity from the erosion caused by unauthorized, low-quality impersonation sites.
Strategy Breakdown: Leveraging Visual Impersonation and Phishing Evidence
Byoma Limited’s strategy succeeded by meticulously documenting the respondent’s use of specific brand assets to create a deceptive user experience. The complainant provided evidence that the disputed domain names, byomay.com and byomay.shop, resolved to a website that mirrored the official Scottish brand’s digital identity. By showing that the respondent copied corporate livery and professional photography directly from the official website, the complainant established a clear case of corporate impersonation. For brand owners, this demonstrates that submitting visual proof of stolen marketing materials is essential for proving that a respondent is intentionally targeting a trademark to divert consumer traffic for profit.
The effectiveness of the complaint also rested on connecting the typosquatting tactic to the risk of consumer data exposure. The complainant argued that the fake shop was designed to lure users with discounted products while requiring them to enter personal contact information. The panelist accepted this as evidence of likely phishing, finding that the use of a domain for such illegal purposes can never confer rights or legitimate interests under the Policy. This legal framing ensures that even in the absence of a response from the registrant, the panel can find bad faith based on the probability of unlawful conduct. Documenting the mechanism of the fake store—specifically the data collection fields—allowed the complainant to secure a transfer by highlighting the active business threat posed by the domain.
Practical Recommendations
- Implement automated monitoring for high-risk typosquatting variations, specifically focusing on the addition of single characters to the core brand name (e.g., brand + ‘y’) across commerce-centric TLDs like .shop and .com.
- Document the unauthorized use of corporate livery and professional brand photography through high-resolution screenshots to establish prima facie evidence of impersonation and a lack of legitimate interest.
- Prioritize UDRP filings for domains featuring data collection forms or ‘checkout’ pages, using these as specific evidence of ‘likely phishing’ to satisfy the bad faith requirement under the Policy.
- Maintain a rapid-response enforcement protocol to file complaints within 30–45 days of a domain’s registration to minimize the window for revenue diversion and consumer data exposure.
- Utilize the ‘illegal purpose’ doctrine in filings to argue that any domain used for a fake shop or phishing can never confer rights or legitimate interests on the respondent, regardless of its appearance.
Frequently Asked Questions (FAQ)
Why was the domain ‘byomay.com’ considered confusingly similar to the BYOMA trademark?
The Panel found the domain confusingly similar because it incorporated the Complainant’s registered BYOMA trademark in its entirety, merely adding the letter ‘y’, which did not sufficiently distinguish the domain from the brand’s identity.
What evidence proved that the Respondent acted in bad faith?
Bad faith was established by the Respondent’s active use of the domain to impersonate Byoma Limited. By copying the brand’s corporate livery, using official photographs, and soliciting personal contact information on a fake shop, the Respondent demonstrated a clear intent to engage in phishing and unlawful commercial activity.
How did the lack of legitimate rights support the transfer of the domain?
Under the UDRP, the use of a domain to impersonate a brand and facilitate illegal activities like phishing can never confer rights or legitimate interests to a registrant, allowing the Panel to rule in favor of the Complainant.
What tactical lesson does this case provide for protecting a skincare brand from fake shops?
The case highlights the importance of rapid UDRP filing when an active shop is identified. By focusing evidence on the unauthorized use of proprietary assets—such as corporate photography and brand livery—and characterizing the domain’s function as a phishing risk, a brand can successfully secure a transfer even if the respondent defaults.
Found a fake shop using your brand?
Protect your customers and brand reputation by taking swift action against unauthorized sites using your corporate imagery and product listings. Learn how our UDRP playbook helps you regain control.
This case note is for informational purposes only and is not legal advice.



