16 July, 2026

Securing Corporate Communications Against Brand Impersonation

UDRP Cases

Perfetti Van Melle successfully recovered the domain perfettivanmelles.com after it was used to facilitate email impersonation and phishing scams. The WIPO panel ordered the transfer of the domain, confirming the respondent acted in bad faith.

Case Snapshot

Case Number D2026-2281
Complainant Perfetti Van Melle S.p.A.
Respondent Anna Sample, Name Redacted
Disputed Domain
perfettivanmelles.com
Threat Tactic Phishing and Email Fraud
Decision Date 2026-06-29
Panelist Mathias Lilleengen
OutcomeTransfer
Official Source https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2026-2281

Operational Threats Posed by Impersonation and Phishing

The registration of perfettivanmelles.com illustrates a severe risk to corporate communications security through the tactical use of typosquatting. By registering a domain that replicates the Complainant’s trademark with only a minor, easily overlooked modification, the Respondent established an infrastructure designed specifically to facilitate email-based social engineering. These deceptive email accounts, which appear to originate from legitimate employees of the multinational confectionery firm, pose a persistent threat to internal staff, vendors, and business partners. The capability to impersonate company officials allows malicious actors to initiate fraudulent communications that bypass traditional security filters, undermining the operational integrity of the brand.

This case highlights the fragility of customer and partner trust when corporate identity is misappropriated for illicit ends. Even though the domain was intermittently parked or directed to error pages, the primary utility of the domain remained the unauthorized establishment of an official-looking digital footprint. For a global entity with significant commercial operations, the presence of such lookalike domains serves as a vehicle for phishing, which can lead to data breaches or financial fraud. Relying solely on reactive measures—such as waiting for illegal activity to trigger a UDRP filing—leaves the organization vulnerable to ongoing reputation damage and the potential for long-term customer attrition caused by successful fraud campaigns.

Strategic Enforcement Against Domain-Based Corporate Impersonation

The complainant’s successful recovery of the domain perfettivanmelles.com relied on a robust evidentiary foundation that directly linked the respondent’s typosquatting activity to active fraudulent operations. By clearly demonstrating that the domain was not merely held passively but actively utilized to establish email accounts for impersonating company personnel, the complainant established a compelling case of bad faith registration and use. This tactical decision to document specific instances of phishing and scam communication, rather than relying solely on the existence of the domain, ensured the panel had clear evidence of malicious intent, which proved instrumental given the respondent’s failure to file a response to the complaint.

Furthermore, the complainant’s strategy effectively leveraged its significant international trademark portfolio to establish standing and market prominence. By highlighting its status as a major multinational confectionery company with over EUR 4 billion in 2025 net revenue, the brand owner framed the registration of a near-identical typosquatted domain as an intentional targeting of its global reputation. This approach allowed the panel to easily reach a finding of bad faith, as the appropriation of such a well-known brand identity provides little room for a legitimate business argument. This case underscores the necessity for brand owners to proactively monitor for lookalike domains that mirror core corporate identity to mitigate the high risks of brand dilution and unauthorized email communication.

Practical Recommendations

  • Implement proactive domain monitoring tools to identify newly registered domains that mimic your primary trademark with minor variations, such as the addition of an ‘s’ or other suffixes.
  • Configure DMARC (Domain-based Message Authentication, Reporting, and Conformance) records at the ‘reject’ level for all legitimate corporate domains to prevent unauthorized entities from successfully spoofing your email communications.
  • Establish an internal ‘rapid response’ protocol for domain takedowns, ensuring that evidence of phishing (e.g., screenshots of impersonation emails or suspicious landing pages) is captured immediately upon discovery.
  • Conduct regular employee awareness training on social engineering and the risks of external communication originating from ‘lookalike’ domains, instructing staff to verify unusual requests through established internal channels.
  • Maintain a comprehensive, updated inventory of all core corporate domain names and secondary defensive registrations to streamline the verification process when submitting UDRP complaints to service providers.

Frequently Asked Questions (FAQ)

Why was the domain ‘perfettivanmelles.com’ considered confusingly similar to Perfetti Van Melle’s trademarks?

The panel found the domain confusingly similar because it reproduces the core denominative portion of the Complainant’s established PERFETTI VAN MELLE trademark, with the mere addition of the letter ‘s’, which does not sufficiently distinguish it from the protected brand.

What evidence confirmed that the respondent lacked legitimate rights to the domain?

The respondent had no authorization or license to use the trademark. The panel determined the respondent’s use of the domain for fraudulent email impersonation cannot constitute legitimate non-commercial or fair use, failing to confer any rights or interests.

How did the panel establish that the domain was registered and used in bad faith?

Bad faith was proven by the respondent’s intentional targeting of a well-known brand to facilitate phishing and scam communications. The high level of similarity between the domain and the trademark demonstrated the respondent’s clear awareness of the Complainant at the time of registration.

What was the practical outcome and objective of this UDRP action?

The WIPO panel ordered the transfer of ‘perfettivanmelles.com’ to the Complainant. The action was essential to stop the active misuse of the company’s identity for email-based social engineering and to prevent further brand dilution and security risks to staff and partners.

Concerned about fake email or invoice fraud?

Protect your organization and customer trust by proactively identifying look-alike domains used for phishing and executive impersonation. If you have detected suspicious activity targeting your corporate identity, our experts can help you assess your UDRP eligibility.

Request phishing analysis

Contact us
We will find the best solution for your business

    Thank you for your request!
    We will contact you within 5 hours!
    Image
    This site uses cookies to improve your experience. By continuing, you agree to our Privacy Policy.

    Privacy settings

    When you visit websites, they may store or retrieve data in your browser. This storage is often required for basic website functionality. Storage may be used for marketing, analytics and site personalization purposes, such as storing your preferences. Privacy is important to us, so you can disable certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may affect the performance of the website.

    Manage settings


    Necessary

    Always active

    These cookies are necessary for the website to function and cannot be disabled in our systems. They are usually only set in response to actions you take that constitute a request for services, such as adjusting your privacy settings, logging in, or filling out forms. You can set your browser to block these cookies or notify you about them, but some parts of the site will not work. These cookies do not store any personal information.

    Marketing

    These elements are used to show you advertising that is more relevant to you and your interests. They can also be used to limit the number of ad views and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the permission of the site operator.

    Personalization

    These elements allow the website to remember your choices (such as your username, language or region you are in) and provide enhanced, more personalized features. For example, a website may provide you with local weather forecasts or traffic news by storing data about your current location.

    Analytics

    These elements help the website operator understand how their website works, how visitors interact with the site and whether there may be technical problems. This type of storage usually does not collect information that identifies the visitor.