5 May, 2026

WIPO Transfers fifa-coins.com to FIFA After Exploitative Redirects and Bad Faith Use

UDRP Cases

FIFA successfully secured the transfer of ‘fifa-coins.com’ after demonstrating the domain was registered in bad faith to capitalize on FIFA’s legacy licensing terms. The respondent exploited the domain through dynamic browser-based redirects and PPC links, eventually triggering security blocking alerts. A WIPO panel ordered the immediate transfer of the domain to FIFA.

Case Snapshot

Case Number D2025-4768
Complainant Fédération Internationale de Football Association (FIFA)
Respondent Domain Privacy, Domain Name Privacy Inc.
Disputed Domain
fifa-coins.com
Threat Tactic Brand Plus Keyword
Decision Date 2025-12-23
Panelist Reyes Campello Estebaranz
OutcomeTransfer
Official Source https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2025-4768

Exploitation of Expired Licenses and the Risks of Dynamic Redirects

The registration of ‘fifa-coins.com’ highlights a distinct threat vector: the weaponization of expired licensing terms. After FIFA’s official ‘FIFA Coins’ licensing agreement concluded in 2022, the brand terminology remained highly recognizable to consumers seeking virtual assets, collectibles, or digital currency. By registering this exact keyword combination in August 2024, the unauthorized registrant capitalized on legacy consumer search behavior. This tactic poses a direct threat to brand equity, as users seeking official, historically licensed products are diverted to third-party portals, diluting the trademark and capturing commercial traffic that belongs in the brand’s legitimate ecosystem.

Furthermore, the technical implementation of dynamic routing on the disputed domain amplifies the operational risk for corporate IP teams. The domain resolved to different websites depending on variable user parameters, such as browser, device type, or operating system, while generating revenue through pay-per-click (PPC) networks. For brand owners, this multi-destinational redirect behavior complicates enforcement because automated detection tools may record a benign PPC page while actual consumers are routed to unpredictable and potentially harmful endpoints. This stealth routing makes it difficult to assess the full scope of abuse without deep-dive, multi-agent threat monitoring.

Finally, the ultimate resolution of the domain to a security alert page warning of potential malicious risks presents a severe reputational hazard. While the panel did not find confirmed evidence of active malware distribution or monetary fraud, the presence of security blocklists associated with a brand-attributive domain name directly compromises customer trust. When consumers encounter a blocked site bearing a famous trademark, the negative association can bleed into the brand’s core reputation. This demonstrates that even when third-party domains do not execute successful cyber attacks, their poor security posture and subsequent blocking by web browsers create an immediate and damaging association for the trademark owner.

Strategic Alignment of Legacy Licensing and Technical Abuse Evidence

FIFA’s enforcement strategy succeeded by directly linking the descriptive suffix ‘coins’ to both its trademark registrations and its historical commercial operations. By presenting international trademark registrations dating back to 1995—which specifically cover ‘coins’ in Class 14—the Complainant established that the disputed domain ‘fifa-coins.com’ directly targets its IP. Crucially, FIFA provided evidence of a legacy licensing program for ‘FIFA Coins’ that officially terminated in 2022. This historical context proved highly persuasive to the panel, as it demonstrated that the Respondent was deliberately exploiting an expired, highly recognizable brand extension to mislead internet users who might search for authorized collectibles or virtual assets associated with the governing body.

The Complainant further solidified its bad faith argument by presenting detailed technical evidence regarding the domain’s dynamic resolution behavior. FIFA documented that the disputed domain resolved to various destination sites based on unknown visitor parameters, such as browser type, operating system, or device, whilst capitalizing on pay-per-click (PPC) revenue. Proving that the domain subsequently triggered browser security alerts and malicious risk blocklists further highlighted the severe reputational threat to FIFA’s brand. This technical analysis, combined with the scale of FIFA’s global presence and its USD 7.6 billion revenue during the 2019-2022 period, left no doubt that the Respondent registered the domain to exploit FIFA’s public-facing trademark for unauthorized commercial gain.

Practical Recommendations

  • Audit and secure legacy licensing terms: Implement a systematic post-termination protocol to defensively register or closely monitor domains associated with expired commercial licenses, partnerships, or discontinued virtual assets (such as ‘brand + coins’ or ‘brand + tokens’) to prevent third-party exploitation of residual brand equity.
  • Deploy multi-parameter user-agent emulation: Configure domain monitoring and enforcement tools to scan resolving content using diverse browser, OS, and geographic parameters. This ensures the detection of dynamic routing and cloaked redirects that serve different content (such as dynamic PPC pages) depending on the visitor’s device.
  • Leverage security blocklist alerts in UDRP filings: Monitor third-party infringing domains for security blocklist entries and malware alerts. Use active browser warnings and security blocklist evidence in UDRP complaints to substantiate arguments of bad faith use and immediate business/reputational risk.
  • Formulate a proactive virtual asset defensive registry: Conduct a gap analysis of the brand portfolio against high-risk digital currency, collectible, and gaming terms (e.g., ‘[brand]-coins.com’, ‘[brand]-crypto.com’) and execute targeted defensive registrations to block bad-faith registrations before they occur.

Frequently Asked Questions (FAQ)

Why was the domain ‘fifa-coins.com’ considered confusingly similar to FIFA’s trademarks?

The WIPO panel determined that ‘fifa-coins.com’ incorporates the well-known ‘FIFA’ trademark in its entirety. The addition of the descriptive term ‘coins’ failed to avoid confusion, as it directly mirrors terms associated with official memorabilia, collectibles, or potential virtual assets, which are categories covered under FIFA’s existing trademark registrations.

What evidence proved the respondent lacked rights or legitimate interests in the domain?

The panel found that the respondent had no authorization to use the FIFA mark and was not affiliated with the organization. Furthermore, the respondent failed to provide a bona fide offering of goods or services, instead using the domain to host pay-per-click (PPC) advertising pages and dynamic redirects, confirming a lack of legitimate interest.

How did FIFA establish bad faith in the registration and use of the domain?

Bad faith was proven by the respondent’s attempt to exploit legacy licensing terms that expired in 2022. The respondent utilized dynamic redirects based on a user’s browser, device, or OS to generate unauthorized revenue, and the site eventually triggered security alerts for malicious risk, demonstrating a clear intent to capitalize on FIFA’s reputation for commercial gain through deception.

What is the primary business takeaway from the transfer of ‘fifa-coins.com’?

The case highlights the risk of third parties hijacking expired or legacy licensing keywords (e.g., ‘FIFA Coins’) to create false associations. Organizations should actively monitor domains using their brand in combination with descriptive terms related to virtual assets or past product lines to prevent traffic diversion and reputational damage from security-blocked sites.

Detected brand-plus-keyword abuse?

Unauthorized domains leveraging your brand alongside product or service keywords—like the ‘fifa-coins.com’ case—can drive traffic to malicious sites and dilute your digital equity. Learn how to identify and recover these deceptive assets.

Assess brand threat

Contact us
We will find the best solution for your business

    Thank you for your request!
    We will contact you within 5 hours!
    Image
    This site uses cookies to improve your experience. By continuing, you agree to our Privacy Policy.

    Privacy settings

    When you visit websites, they may store or retrieve data in your browser. This storage is often required for basic website functionality. Storage may be used for marketing, analytics and site personalization purposes, such as storing your preferences. Privacy is important to us, so you can disable certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may affect the performance of the website.

    Manage settings


    Necessary

    Always active

    These cookies are necessary for the website to function and cannot be disabled in our systems. They are usually only set in response to actions you take that constitute a request for services, such as adjusting your privacy settings, logging in, or filling out forms. You can set your browser to block these cookies or notify you about them, but some parts of the site will not work. These cookies do not store any personal information.

    Marketing

    These elements are used to show you advertising that is more relevant to you and your interests. They can also be used to limit the number of ad views and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the permission of the site operator.

    Personalization

    These elements allow the website to remember your choices (such as your username, language or region you are in) and provide enhanced, more personalized features. For example, a website may provide you with local weather forecasts or traffic news by storing data about your current location.

    Analytics

    These elements help the website operator understand how their website works, how visitors interact with the site and whether there may be technical problems. This type of storage usually does not collect information that identifies the visitor.