Mexican logistics firm Estafeta Mexicana, S.A. de C.V. successfully recovered the disputed domains estafetad.com, estafetac.com, and esafeta.com. The WIPO panel ordered their transfer after finding that respondent liu deg registered these typosquatted variations of the famous shipping brand in bad faith.
Case Snapshot
| Case Number | D2025-4938 |
|---|---|
| Complainant | Estafeta Mexicana, S.A. de C.V. |
| Respondent | liu deg |
| Disputed Domain | estafetad.com |
| Threat Tactic | Typo Domains |
| Decision Date | 2026-01-19 |
| Panelist | José Ignacio San Martín Santamaría |
| Outcome | Transfer |
| Official Source | https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2025-4938 |
Operational and Reputational Risks of Typosquatting in the Logistics Sector
The registration of the disputed domains estafetad.com, estafetac.com, and esafeta.com directly targets Estafeta Mexicana, S.A. de C.V., a major courier and logistics provider with more than 92 global trademark registrations dating back to 1997. By utilizing typosquatting tactics—specifically adding letters like ‘d’ or ‘c’ or omitting the ‘t’ as in esafeta.com—the Respondent positioned these domains to exploit common user keyboard errors. In the logistics sector, where consumers and corporate clients routinely input tracking numbers, shipping addresses, and payment data online, such highly similar domains pose an inherent risk of customer confusion and traffic diversion.
Although the disputed domains did not host active websites at the time of the dispute, they were listed on the GoDaddy platform with options to hire an acquisition manager for approximately 2,700 Mexican pesos. For logistics brand owners, passive holding of typosquatted domains represents a dormant threat. If these domains are acquired by bad-faith actors, they could be deployed to facilitate delivery fraud, mock tracking portals, or invoice scams targeting shipping clients. While the case record does not prove that these domains were actively used for phishing or that customers suffered actual financial losses, the structural similarity to a trusted brand creates an ongoing vulnerability that can severely damage customer trust if left unaddressed.
Furthermore, the registration of multiple targeted variations on a single day (July 5, 2025) using a privacy service indicates a deliberate strategy to exploit a highly recognized Mexican brand for commercial gain. For IP and domain dispute professionals, this case highlights the necessity of proactive defensive registration and timely UDRP intervention. Allowing unauthorized third parties to retain domains mimicking core delivery and distribution channels exposes the brand’s supply chain communications to potential intercept, forcing defensive legal expenditures to secure the company’s digital perimeter.
WIPO Panel Analysis: Typosquatting and Bad Faith Evaluation
Under the first element of the UDRP Policy, Panelist José Ignacio San Martín Santamaría evaluated whether the disputed domains—estafetad.com, estafetac.com, and esafeta.com—were confusingly similar to the Complainant’s ESTAFETA trademark. The Panel noted that each of the disputed domains incorporates the Complainant’s registered trademark in its entirety, with only minor alterations consisting of single-letter additions or omissions. Specifically, the domains append the letters ‘d’ or ‘c’ to the end of the mark, or omit the letter ‘t’ in the case of esafeta.com. The Panel confirmed that such slight typographical modifications do not prevent a finding of confusing similarity, as the highly distinctive ESTAFETA trademark remains the dominant and recognizable element within each domain name.
Regarding the second element of rights or legitimate interests, the Panelist concluded that the Respondent, liu deg, possessed no authorization or business relationship with Estafeta Mexicana, S.A. de C.V. The Complainant established a clear prima facie case by presenting its portfolio of more than 92 trademark registrations, with rights extending back to 1997. Because the Respondent registered the domains using a privacy service and subsequently failed to submit any response to the WIPO complaint, the Complainant’s assertions remained uncontested. The Panel therefore ruled that the Respondent had no rights or legitimate interests in the disputed domains.
In assessing bad faith under the third element of the Policy, the Panelist focused on the commercial context of the registrations. Although the disputed domains were not hosting active websites, they were listed on the GoDaddy platform with options to hire a broker to acquire them for approximately 2,700 Mexican pesos. The Panel determined that the Respondent registered these specific typosquatted domains with prior knowledge of the Complainant’s prominent courier brand. By targeting a highly recognized logistics service, the Respondent’s registration of these names was designed to exploit the reputation of the trademark, creating confusion among the public regarding the origin, affiliation, or sponsorship of any eventual delivery or distribution services.
For brand protection professionals, this decision reinforces the utility of the UDRP in addressing passive holding and preemptive typosquatting. Although there was no factual evidence in the record demonstrating that the Respondent had initiated actual phishing email campaigns, executed financial fraud, or hosted fake logistics tracking portals, the Panel found the risk of user confusion sufficient to establish bad faith. This outcome underscores that trademark owners do not need to wait for active consumer deception or documented financial losses to occur before successfully recovering bad-faith domain registrations that mimic their core brands.
Establishing Trademark Primacy and Preempting Typosquatting Risks
Estafeta Mexicana, S.A. de C.V. built a persuasive case by establishing a clear timeline of its intellectual property rights, leveraging more than 92 global trademark registrations for ESTAFETA dating back to 1997. This extensive history of trademark use made the confusing similarity of the disputed domains—estafetad.com, estafetac.com, and esafeta.com—undeniable to the WIPO panel. The Complainant’s strategy effectively demonstrated that the Respondent, liu deg, engaged in typosquatting by registering domains that either added a single letter, such as ‘d’ or ‘c’, or omitted a letter from the prominent logistics mark. This structural alignment between the disputed domains and the Complainant’s core brand left no plausible explanation for the registrations other than intentional copying.
Furthermore, the Complainant successfully navigated the passive holding of these domains by highlighting the inherent risks of customer deception and logistics fraud. Although the domains did not host active websites and the record does not prove they were used to send phishing emails, the threat of delivery tracking scams and invoice fraud targeting shipping clients remained a central business risk. The Complainant demonstrated that the domains were registered under a privacy service and listed via the GoDaddy platform with options to hire a manager to acquire them for approximately 2,700 Mexican pesos. By proving that the Respondent had no authorization, commercial relationship, or legitimate rights to the ESTAFETA mark, the Complainant established that the registration of these typo-variants was designed to exploit a recognized shipping brand, leading Panelist José Ignacio San Martín Santamaría to order a full transfer.
Practical Recommendations
- Implement automated brand monitoring systems specifically configured to detect character-insertion and omission typos (such as adding trailing letters like ‘estafetad.com’ or dropping internal letters like ‘esafeta.com’) within 24–48 hours of their registration.
- Perform defensive domain registrations for high-risk typosquatting variations—especially those targeting core logistics terms, tracking portals, or local market extensions—to block bad-faith actors before they can secure them.
- Monitor domain aftermarket and broker platforms (e.g., GoDaddy, NameSilo) for passive listings or acquisition-manager offers targeting your trademarks, and document these commercial listings as supporting evidence of bad-faith registration and use in UDRP filings.
- Consolidate multiple typosquatted domains registered by the same respondent (or under the same privacy proxy) into a single, unified WIPO UDRP complaint to minimize legal filing fees and streamline the recovery process.
- Actively track MX record configurations on newly registered typosquatted domains to preemptively block spoofed emails and secure email-sending infrastructure before delivery fraud or invoice scams targeting customers can occur.
Frequently Asked Questions (FAQ)
How did the respondent attempt to use typosquatting against Estafeta Mexicana?
The respondent registered domains like ‘estafetad.com’, ‘estafetac.com’, and ‘esafeta.com’ by making minor modifications to the protected ‘ESTAFETA’ trademark, intending to deceive internet users and divert traffic from the legitimate logistics service provider.
What evidence confirmed that the respondent lacked legitimate interests in the disputed domains?
The Panel determined that the respondent had no authorization, relationship, or affiliation with Estafeta Mexicana. Furthermore, the respondent failed to provide any evidence of rights or legitimate interests during the proceedings, leading to a finding of default.
How did the WIPO panel establish ‘bad faith’ given that the sites were inactive?
Even without active content, the Panel found bad faith because the domains were designed to mimic a famous brand for potential commercial gain. The domains were listed on the GoDaddy platform with acquisition management services, signaling an intent to exploit the brand’s reputation.
What is the practical outcome for the company regarding these typosquatted domains?
The WIPO panel ordered the immediate transfer of the disputed domains to Estafeta Mexicana, S.A. de C.V. This prevents potential phishing, invoice fraud, and consumer confusion by securing the brand’s digital perimeter.
Is your brand being imitated by look-alike domains?
Don’t wait for typosquatted domains to be used in delivery fraud or customer scams. Contact our team to assess your brand’s vulnerability and discuss proactive UDRP enforcement strategies.
This case note is for informational purposes only and is not legal advice.



