6 May, 2026

Byoma Limited Defeats Skincare Brand Impersonator and Phishing Risk

UDRP Cases

Byoma Limited successfully recovered byomay.com and byomay.shop after a Chinese respondent used the domains to host a fake webstore. The site impersonated Byoma’s official site using stolen photography and corporate livery to phish for user contact information under the guise of offering discounts.

Case Snapshot

Case Number D2026-1050
Complainant Byoma Limited
Respondent xiao kaihuan
Disputed Domain
byomay.shop
Threat Tactic Fake Stores
Decision Date 2026-04-29
Panelist Sebastian M.W. Hughes
OutcomeTransfer
Official Source https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2026-1050

Fraudulent Impersonation and Consumer Data Risks

The use of the disputed domain byomay.com posed a direct threat to Byoma Limited’s brand equity through the unauthorized appropriation of its proprietary visual identity. By resolving the domain to a site that prominently featured the registered BYOMA trademark alongside the Complainant’s specific corporate livery and professional photography, the Respondent created a deceptive digital environment. This systematic impersonation allowed the Respondent to exploit the reputation of the Scottish skincare brand to divert internet traffic toward an illegitimate fake shop. For brand owners and IP professionals, this tactic illustrates a high-risk scenario where high-quality marketing assets are weaponized to lend a veneer of authenticity to malicious platforms, making it difficult for consumers to distinguish between the official brand and a fraudulent Chinese-operated impersonator.

Beyond the visual deception, the operation of the fake shop presented acute risks to customer data security and long-term consumer trust. The Respondent utilized the lure of purportedly discounted products to attract visitors, subsequently inviting them to provide personal contact information on the website. The Panelist specifically noted that this activity was likely intended for phishing or other unlawful conduct. This creates a two-fold business threat: the immediate exposure of loyal customers to data harvesting and the subsequent erosion of brand reliability. When consumers experience fraud—whether through data theft or the potential non-delivery of items—the resulting negative associations often attach to the primary brand name. This case highlights that typosquatting domains, such as the ‘byomay’ variant, are frequently leveraged as functional tools for fraud, necessitating rapid UDRP enforcement to protect the integrity of the customer-brand relationship.

Strategy Breakdown: Leveraging Visual Impersonation and Phishing Evidence

Byoma Limited’s strategy succeeded by meticulously documenting the respondent’s use of specific brand assets to create a deceptive user experience. The complainant provided evidence that the disputed domain names, byomay.com and byomay.shop, resolved to a website that mirrored the official Scottish brand’s digital identity. By showing that the respondent copied corporate livery and professional photography directly from the official website, the complainant established a clear case of corporate impersonation. For brand owners, this demonstrates that submitting visual proof of stolen marketing materials is essential for proving that a respondent is intentionally targeting a trademark to divert consumer traffic for profit.

The effectiveness of the complaint also rested on connecting the typosquatting tactic to the risk of consumer data exposure. The complainant argued that the fake shop was designed to lure users with discounted products while requiring them to enter personal contact information. The panelist accepted this as evidence of likely phishing, finding that the use of a domain for such illegal purposes can never confer rights or legitimate interests under the Policy. This legal framing ensures that even in the absence of a response from the registrant, the panel can find bad faith based on the probability of unlawful conduct. Documenting the mechanism of the fake store—specifically the data collection fields—allowed the complainant to secure a transfer by highlighting the active business threat posed by the domain.

Practical Recommendations

  • Implement automated monitoring for high-risk typosquatting variations, specifically focusing on the addition of single characters to the core brand name (e.g., brand + ‘y’) across commerce-centric TLDs like .shop and .com.
  • Document the unauthorized use of corporate livery and professional brand photography through high-resolution screenshots to establish prima facie evidence of impersonation and a lack of legitimate interest.
  • Prioritize UDRP filings for domains featuring data collection forms or ‘checkout’ pages, using these as specific evidence of ‘likely phishing’ to satisfy the bad faith requirement under the Policy.
  • Maintain a rapid-response enforcement protocol to file complaints within 30–45 days of a domain’s registration to minimize the window for revenue diversion and consumer data exposure.
  • Utilize the ‘illegal purpose’ doctrine in filings to argue that any domain used for a fake shop or phishing can never confer rights or legitimate interests on the respondent, regardless of its appearance.

Frequently Asked Questions (FAQ)

Why was the domain ‘byomay.com’ considered confusingly similar to the BYOMA trademark?

The Panel found the domain confusingly similar because it incorporated the Complainant’s registered BYOMA trademark in its entirety, merely adding the letter ‘y’, which did not sufficiently distinguish the domain from the brand’s identity.

What evidence proved that the Respondent acted in bad faith?

Bad faith was established by the Respondent’s active use of the domain to impersonate Byoma Limited. By copying the brand’s corporate livery, using official photographs, and soliciting personal contact information on a fake shop, the Respondent demonstrated a clear intent to engage in phishing and unlawful commercial activity.

How did the lack of legitimate rights support the transfer of the domain?

Under the UDRP, the use of a domain to impersonate a brand and facilitate illegal activities like phishing can never confer rights or legitimate interests to a registrant, allowing the Panel to rule in favor of the Complainant.

What tactical lesson does this case provide for protecting a skincare brand from fake shops?

The case highlights the importance of rapid UDRP filing when an active shop is identified. By focusing evidence on the unauthorized use of proprietary assets—such as corporate photography and brand livery—and characterizing the domain’s function as a phishing risk, a brand can successfully secure a transfer even if the respondent defaults.

Found a fake shop using your brand?

Protect your customers and brand reputation by taking swift action against unauthorized sites using your corporate imagery and product listings. Learn how our UDRP playbook helps you regain control.

Request takedown assessment

Contact us
We will find the best solution for your business

    Thank you for your request!
    We will contact you within 5 hours!
    Image
    This site uses cookies to improve your experience. By continuing, you agree to our Privacy Policy.

    Privacy settings

    When you visit websites, they may store or retrieve data in your browser. This storage is often required for basic website functionality. Storage may be used for marketing, analytics and site personalization purposes, such as storing your preferences. Privacy is important to us, so you can disable certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may affect the performance of the website.

    Manage settings


    Necessary

    Always active

    These cookies are necessary for the website to function and cannot be disabled in our systems. They are usually only set in response to actions you take that constitute a request for services, such as adjusting your privacy settings, logging in, or filling out forms. You can set your browser to block these cookies or notify you about them, but some parts of the site will not work. These cookies do not store any personal information.

    Marketing

    These elements are used to show you advertising that is more relevant to you and your interests. They can also be used to limit the number of ad views and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the permission of the site operator.

    Personalization

    These elements allow the website to remember your choices (such as your username, language or region you are in) and provide enhanced, more personalized features. For example, a website may provide you with local weather forecasts or traffic news by storing data about your current location.

    Analytics

    These elements help the website operator understand how their website works, how visitors interact with the site and whether there may be technical problems. This type of storage usually does not collect information that identifies the visitor.