5 May, 2026

How Sodexo Secured the Transfer of Typosquatted Domain lsodexo.com

UDRP Cases

French food and facilities management multinational Sodexo successfully obtained the transfer of the disputed domain lsodexo.com from US-based respondent Roy Adams, Abtek. The respondent registered the typosquatted domain under a privacy shield to operate a pay-per-click parking page featuring third-party links. WIPO panelist Uwa Ohiku ruled the domain was registered and used in bad faith, ordering its transfer to the Complainant.

Case Snapshot

Case Number D2025-5223
Complainant Sodexo
Respondent Roy Adams, Abtek
Disputed Domain
lsodexo.com
Threat Tactic Typo Domains
Decision Date 2026-01-23
Panelist Uwa Ohiku
OutcomeTransfer
Official Source https://www.wipo.int/amc/en/domains/search/text.jsp?case=D2025-5223

Addressing Portfolio Vulnerabilities and the Threat of Typosquatted PPC Pages

The registration of lsodexo.com highlights a critical vulnerability in corporate domain portfolios: the risk of adjacent-character typosquatting. By prepending the letter ‘l’ to the globally recognized SODEXO mark, the respondent targeted typographical errors made by users attempting to navigate to the complainant’s authentic digital channels. Although Sodexo maintains defensive registrations across several key variants—including sodexo.com, sodexoca.com, and sodexho.com—the omission of specific single-letter prefixes left an exposure window. For brand owners, this demonstrates how even extensive defensive portfolios can remain vulnerable to targeted typosquatting if registration strategies do not proactively secure high-probability typing errors.

The commercial threat of this loophole is amplified when typosquatted domains are integrated into pay-per-click (PPC) monetization frameworks. In this instance, the respondent routed redirected traffic to a parked page containing third-party commercial links, seeking commercial gain from users searching for the complainant’s food and facilities management services. Although the administrative record contains no evidence of active phishing campaigns or malware distribution, the unauthorized commercial exploitation of the trademark dilutes brand distinctiveness. By permitting third-party links to reside under a confusingly similar domain, the tactic diverts potential clients, degrades search integrity, and exploits the corporate reputation that the complainant has built since its founding in 1966.

Strategic Proof of Bad Faith and the Defensive Registration Gap

Sodexo’s successful strategy relied on establishing its prior, extensive trademark rights to satisfy the standing requirement under the first element of the UDRP. The Complainant presented global trademark registrations dating back to 2007 and 2010, alongside its own core domain holdings such as sodexo.com, sodexoca.com, and sodexho.com. This robust trademark foundation made the confusing similarity of the typosquatted domain lsodexo.com indisputable. To satisfy the third element of the Policy, Sodexo successfully submitted evidence of the domain’s resolving behavior, showing that the disputed domain pointed to a pay-per-click parking page featuring third-party links. This demonstrated that the Respondent, Roy Adams of Abtek, sought to divert web traffic to generate unauthorized commercial gain from the Complainant’s established reputation.

From a corporate brand protection standpoint, this dispute highlights the business risks associated with defensive registration gaps. Although Sodexo maintained registrations across several domain variations, the exclusion of common typosquatted adjacent-letter variants like lsodexo.com left an opening for exploitation. Sodexo’s strategy countered this by utilizing the Respondent’s procedural tactics as affirmative evidence of bad faith. The Respondent’s deployment of a privacy shield via ‘Withheld for Privacy ehf’ to hide their identity, combined with their failure to submit a response, was successfully positioned by the Complainant as a concerted effort to evade accountability. Panelist Uwa Ohiku upheld this combination as further evidence of bad faith, demonstrating how brand owners can leverage a respondent’s silence and registrar privacy services to secure a favorable transfer decision.

Practical Recommendations

  • Conduct a proactive gap analysis of the brand portfolio to defensively register common keyboard-adjacent typos (such as prepending ‘l’ to core trademarks like ‘sodexo’) across primary generic Top-Level Domains (gTLDs).
  • Implement automated domain monitoring systems configured to flag newly registered domains containing the core trademark combined with common typographical prefixes, suffixes, or character-insertion patterns.
  • Ensure prompt and comprehensive archiving (including date-stamped screenshots) of pay-per-click (PPC) landing pages and third-party sponsored links to preserve evidence of bad faith commercial exploitation before content changes.
  • Establish a streamlined protocol for filing UDRP complaints when encountering unresponsive registrants who hide behind privacy protection services (such as ‘Withheld for Privacy ehf’) to monetize redirected trademark traffic.
  • Review and align geographic and country-code TLD (ccTLD) defensive registrations (e.g., regional variations such as ‘sodexoca.com’) to prevent bad-faith actors from exploiting gaps in key operational jurisdictions.

Frequently Asked Questions (FAQ)

Why was the domain lsodexo.com considered confusingly similar to the SODEXO trademark?

The WIPO panel determined that the domain name is a clear case of typosquatting, as it merely adds a single letter ‘l’ to the complainant’s established SODEXO trademark, which is a common tactic to exploit user input errors and misspellings.

What evidence did the panel use to establish that the Respondent acted in bad faith?

Bad faith was confirmed because the disputed domain was used to host a pay-per-click parking page featuring unrelated third-party commercial links for the respondent’s financial gain. This was further reinforced by the respondent’s use of a privacy shield and their failure to respond to the formal complaint.

Does the lack of direct financial damage to Sodexo’s customers prevent a UDRP transfer?

No. The UDRP does not require proof of direct financial loss to customers to justify a transfer. It is sufficient that the respondent registered the domain to intentionally divert traffic for commercial profit by leveraging the reputation of the SODEXO brand.

How does this case highlight vulnerabilities in a company’s domain portfolio?

The case demonstrates the risk of failing to preemptively register common typographical variations of a brand. By leaving ‘lsodexo.com’ unregistered, the complainant left a gap that an unauthorized party could easily occupy to monetize brand traffic and dilute trademark presence.

Need to recover a look-alike domain?

Protect your brand from typosquatted variations that divert traffic to commercial parking pages. Learn how to secure your digital assets through a proactive UDRP strategy.

Start domain recovery

Contact us
We will find the best solution for your business

    Thank you for your request!
    We will contact you within 5 hours!
    Image
    This site uses cookies to improve your experience. By continuing, you agree to our Privacy Policy.

    Privacy settings

    When you visit websites, they may store or retrieve data in your browser. This storage is often required for basic website functionality. Storage may be used for marketing, analytics and site personalization purposes, such as storing your preferences. Privacy is important to us, so you can disable certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may affect the performance of the website.

    Manage settings


    Necessary

    Always active

    These cookies are necessary for the website to function and cannot be disabled in our systems. They are usually only set in response to actions you take that constitute a request for services, such as adjusting your privacy settings, logging in, or filling out forms. You can set your browser to block these cookies or notify you about them, but some parts of the site will not work. These cookies do not store any personal information.

    Marketing

    These elements are used to show you advertising that is more relevant to you and your interests. They can also be used to limit the number of ad views and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the permission of the site operator.

    Personalization

    These elements allow the website to remember your choices (such as your username, language or region you are in) and provide enhanced, more personalized features. For example, a website may provide you with local weather forecasts or traffic news by storing data about your current location.

    Analytics

    These elements help the website operator understand how their website works, how visitors interact with the site and whether there may be technical problems. This type of storage usually does not collect information that identifies the visitor.