Perfetti Van Melle successfully recovered the domain perfettivanmelles.com after it was used to facilitate email impersonation and phishing scams. The WIPO panel ordered the transfer of the domain, confirming the respondent acted in bad faith.
Case Snapshot
| Case Number | D2026-2281 |
|---|---|
| Complainant | Perfetti Van Melle S.p.A. |
| Respondent | Anna Sample, Name Redacted |
| Disputed Domain | perfettivanmelles.com |
| Threat Tactic | Phishing and Email Fraud |
| Decision Date | 2026-06-29 |
| Panelist | Mathias Lilleengen |
| Outcome | Transfer |
| Official Source | https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2026-2281 |
Operational Threats Posed by Impersonation and Phishing
The registration of perfettivanmelles.com illustrates a severe risk to corporate communications security through the tactical use of typosquatting. By registering a domain that replicates the Complainant’s trademark with only a minor, easily overlooked modification, the Respondent established an infrastructure designed specifically to facilitate email-based social engineering. These deceptive email accounts, which appear to originate from legitimate employees of the multinational confectionery firm, pose a persistent threat to internal staff, vendors, and business partners. The capability to impersonate company officials allows malicious actors to initiate fraudulent communications that bypass traditional security filters, undermining the operational integrity of the brand.
This case highlights the fragility of customer and partner trust when corporate identity is misappropriated for illicit ends. Even though the domain was intermittently parked or directed to error pages, the primary utility of the domain remained the unauthorized establishment of an official-looking digital footprint. For a global entity with significant commercial operations, the presence of such lookalike domains serves as a vehicle for phishing, which can lead to data breaches or financial fraud. Relying solely on reactive measures—such as waiting for illegal activity to trigger a UDRP filing—leaves the organization vulnerable to ongoing reputation damage and the potential for long-term customer attrition caused by successful fraud campaigns.
Panel Reasoning: Confusing Similarity, Legitimate Interests, and Bad Faith
The panel confirmed that the domain name perfettivanmelles.com is confusingly similar to Perfetti Van Melle S.p.A.’s established trademarks. Under the threshold test of the UDRP, the domain was found to replicate the core denominative portion of the complainant’s mark, with the addition of a single letter ‘s’ being insufficient to distinguish the domain from the protected trademark. This finding underscores the necessity for brand owners to treat minor typographical variations of their corporate identity as high-risk assets requiring proactive monitoring and potential enforcement.
Regarding rights or legitimate interests, the respondent failed to provide a response, and the record established that the complainant did not authorize, license, or permit the use of its trademark in the domain name. The evidence demonstrated that the respondent utilized the domain solely to create email addresses intended for impersonation. Because the use of a domain name for fraudulent purposes—specifically to facilitate phishing or scam communications—can never constitute a legitimate non-commercial or fair use, the panel concluded that the respondent possessed no rights or interests in the disputed registration.
The panel further determined that the registration and use of the domain name constituted bad faith. Given the global fame of the complainant’s trademark and the domain’s near-identical structure, the panel inferred that the respondent was acutely aware of the complainant’s brand at the time of registration. The act of misappropriating a well-known trademark to execute phishing and scam operations provides clear evidence of an intent to target the company, its employees, and its stakeholders. Consequently, the panel ordered the transfer of the domain, confirming that such illicit activities represent a clear violation of the Policy.
Strategic Enforcement Against Domain-Based Corporate Impersonation
The complainant’s successful recovery of the domain perfettivanmelles.com relied on a robust evidentiary foundation that directly linked the respondent’s typosquatting activity to active fraudulent operations. By clearly demonstrating that the domain was not merely held passively but actively utilized to establish email accounts for impersonating company personnel, the complainant established a compelling case of bad faith registration and use. This tactical decision to document specific instances of phishing and scam communication, rather than relying solely on the existence of the domain, ensured the panel had clear evidence of malicious intent, which proved instrumental given the respondent’s failure to file a response to the complaint.
Furthermore, the complainant’s strategy effectively leveraged its significant international trademark portfolio to establish standing and market prominence. By highlighting its status as a major multinational confectionery company with over EUR 4 billion in 2025 net revenue, the brand owner framed the registration of a near-identical typosquatted domain as an intentional targeting of its global reputation. This approach allowed the panel to easily reach a finding of bad faith, as the appropriation of such a well-known brand identity provides little room for a legitimate business argument. This case underscores the necessity for brand owners to proactively monitor for lookalike domains that mirror core corporate identity to mitigate the high risks of brand dilution and unauthorized email communication.
Practical Recommendations
- Implement proactive domain monitoring tools to identify newly registered domains that mimic your primary trademark with minor variations, such as the addition of an ‘s’ or other suffixes.
- Configure DMARC (Domain-based Message Authentication, Reporting, and Conformance) records at the ‘reject’ level for all legitimate corporate domains to prevent unauthorized entities from successfully spoofing your email communications.
- Establish an internal ‘rapid response’ protocol for domain takedowns, ensuring that evidence of phishing (e.g., screenshots of impersonation emails or suspicious landing pages) is captured immediately upon discovery.
- Conduct regular employee awareness training on social engineering and the risks of external communication originating from ‘lookalike’ domains, instructing staff to verify unusual requests through established internal channels.
- Maintain a comprehensive, updated inventory of all core corporate domain names and secondary defensive registrations to streamline the verification process when submitting UDRP complaints to service providers.
Frequently Asked Questions (FAQ)
Why was the domain ‘perfettivanmelles.com’ considered confusingly similar to Perfetti Van Melle’s trademarks?
The panel found the domain confusingly similar because it reproduces the core denominative portion of the Complainant’s established PERFETTI VAN MELLE trademark, with the mere addition of the letter ‘s’, which does not sufficiently distinguish it from the protected brand.
What evidence confirmed that the respondent lacked legitimate rights to the domain?
The respondent had no authorization or license to use the trademark. The panel determined the respondent’s use of the domain for fraudulent email impersonation cannot constitute legitimate non-commercial or fair use, failing to confer any rights or interests.
How did the panel establish that the domain was registered and used in bad faith?
Bad faith was proven by the respondent’s intentional targeting of a well-known brand to facilitate phishing and scam communications. The high level of similarity between the domain and the trademark demonstrated the respondent’s clear awareness of the Complainant at the time of registration.
What was the practical outcome and objective of this UDRP action?
The WIPO panel ordered the transfer of ‘perfettivanmelles.com’ to the Complainant. The action was essential to stop the active misuse of the company’s identity for email-based social engineering and to prevent further brand dilution and security risks to staff and partners.
Concerned about fake email or invoice fraud?
Protect your organization and customer trust by proactively identifying look-alike domains used for phishing and executive impersonation. If you have detected suspicious activity targeting your corporate identity, our experts can help you assess your UDRP eligibility.
This case note is for informational purposes only and is not legal advice.



