
Panoramic: Automotive and Mobility 2025
This is the September 2025 edition of Anchovy News. Here you will find articles concerning ICANN, the domain name industry and the recuperation of domain names across the globe. In this issue we cover:
For earlier Anchovy News publications, please visit our Domain Names practice page. Learn more about Anchovy® - Global Domain Name and Internet Governance here.
A recent report released by cybersecurity company, Interisle, which analysed four million phishing reports over the period from May 2024 to April 2025, has highlighted what it calls a “global cybercrime crisis”, with reported phishing attacks for the period reaching nearly two million. This is up by over 60,000 attacks compared to last year and represents an increase of over 180% since 2021.
The Phishing Landscape 2025 report found that quarterly phishing attacks had grown a whopping 423% between its first measurements taken in 2020 and the most recent ones taken in 2025. It named the top 10 Top Level Domains (TLDs) used in phishing attacks as follows:
As can be seen from the above, top of the list is .COM, with 455,297 phishing domain names reported. With around 155 million domain names under management, it is also the largest TLD; however, while the market share of .COM and .NET decreased slightly in 2025, the phishing domain names reported in these TLDs decreased even more significantly – from 37% to 32% compared to last year, and 54% compared to the 2020 report.
New generic Top Level Domains (gTLDs), on the other hand, represent only 11% of the market, but make up 51% of the phishing domain names reported. This is up from 9% of the market and 21% of phishing domain names reported in 2021.
By way of an example, the first seven of the above mentioned gTLDs (.TOP, .BOND, .XYZ, .SHOP, .INFO, and .XIN) have more total phishing domain names reported (478,449) than .COM, but only a tenth of its domain names under management (15.4 million).
The report found that country code Top Level Domains (ccTLDs) saw a significant decrease in phishing, from 15% in the 2024 study to 11% in 2025, with EU ccTLDs having the lowest phishing domain scores relative to Asian TLDs and gTLDs. This no doubt reflects the considerable efforts that a number of European Registries have put into discouraging abusive domain name registrations in recent years.
The report notes that only three ccTLDs appear in the top 20 phishing TLDs, namely: .CN (China), .CC (Cocos (Keeling) Islands) and .RU (Russia).
With regard to the conditions that make certain TLDs and registrars attractive to phishers, the report noted that nearly 37% of the domain names used for phishing were registered in bulk, which is up from 27% in the previous report. TLDs with no registration restrictions also scored highly.
Another factor attractive to phishers, as noted in the report, was cost, with new gTLDs offering registrations for under US$2 generally having the highest phishing scores.
Hosting providers that provide reverse proxy nameservers that disguise the underlying nameservers of a domain name, as well as other redirection services, are also heavily patronised by phishers.
Concurrently, the report found that over half of all phishing attacks reported worldwide were hosted with US-based companies and that the US has been the top hosting location for phishing attacks for five years in a row.
With regard to strategies to mitigate phishing, the report argues that domain name and hosting providers are best placed to identify suspicious registrations and should “bear responsibility for mitigating this malicious behavior”. As such, they should put in place procedures and tools to “proactively identify and act on such suspicious patterns to increase the efficiency and effectiveness of abuse mitigation and prevention.”
The report goes so far as to say that registrants wishing to bulk register domain names should be “vetted and required to prove their identity before accessing these services” and that registrants associated with prior malicious registration activity should be denied. These recommendations echo both recent calls by ICANN’s Government Advisory Committee (GAC) for urgent action on DNS abuse policy prior to the release of a new round of gTLDs in April 2026 (see July/August 2025 issue of Anchovy News) and the findings of ICANN’s INFERMAL (Inferential Analysis of Maliciously Registered Domains) report (see June 2025 issue of Anchovy News). This latter report concluded that “well-targeted mitigation strategies, such as restricted API access, identity verification, and pricing transparency, can reduce abuse while preserving access for legitimate users.”
For more information, please contact David Taylor or Jane Seager.
While a new round of new generic Top Level Domains (gTLDs) in on the horizon, a number of new gTLDs from the first round of 2012 have yet to launch. After the latest launch .FAST, .TALK and .YOU by Amazon Registry, it is now the turn of another new gTLD from the first round: .YUN.
Chinese software company QIHOO 360 Technology Co. Ltd has recently launched its first new gTLD: .YUN (meaning “cloud”) which was delegated to the Root Zone in March 2016. It is also the sponsoring organisation for the new gTLDs .XIHUAN (meaning “like”), .ANQUAN (“security”) and .SHOUJI (“cellphone”) which are not in use yet.
The launch of .YUN took place on 24 September 2025 and started with a Sunrise Period which will run until 27 October 2025. During this period, trade mark holders who have registered their trade marks with the TradeMark Clearinghouse (TMCH) can apply for the corresponding domain names under .YUN. It is a “Start Date” Sunrise, meaning that domain names are allocated on a first-come, first-served basis.
At the time of writing, limited information is available on the possible next phases of the launch. The date of General Availability, when anyone will be able to register available .YUN domain names on a first-come, first-served basis at standard prices, has not yet been published, but it is likely to be before the end of the year.
For more information, please contact David Taylor or Jane Seager.
SIDN, the Registry responsible for running the Netherlands’ .NL country code Top Level Domain (ccTLD), recently upgraded its RDAP (Registration Data Access Protocol) service to the ‘profile 2024’ specification and implemented the Registration Data Policy, which is an ICANN Consensus Policy that outlines the requirements for processing registration data.
On 7 August 2025, SIDN activated its new RDAP implementation for the .POLITIE, .AMSTERDAM, and .AW (for Aruba) domain name extensions that it administers, extending the rollout to .NL in early September. In a blog post on the subject, SIDN stated that its service is one of the first to successfully pass all RDAP implementation compliance tests using ICANN’s tools and noted that it has evaluated numerous other RDAP implementations and discovered that “most don’t pass all elements of the extended tests”.
The RDAP service is the modern successor to the traditional Whois protocol, offering a standardised and more reliable way to access domain name registration data online. Beyond its modern access method, RDAP differs from Whois in how it structures data. With RDAP, all information is organised into clearly defined fields within a JSON (JavaScript Object Notation) data structure, making it easy to process automatically. By contrast, Whois outputs unstructured text, which can only be parsed through scraping and informal conventions that evolved over time. RDAP also introduces access control, allowing different levels of information to be shared with different types of users.
It is worth noting that ICANN’s requirements apply only to all ICANN-accredited registrars and gTLD Registry Operators that have an agreement with ICANN. ccTLDs operators are free to define their own policies, although, in practice, they often fall into line with ICANN’s policies.
According to SIDN, the most noticeable change for RDAP users after the upgrade is the size of the responses. The new version delivers much larger outputs as they now include all fields marked as “redacted” at the end of each response, making it clear to users exactly which information has been withheld.
Although RDAP is steadily expanding in scope and popularity, SIDN has said it has no immediate plans to retire the classic Whois service. “It’s still very well used” says Martin Sanders, Product Owner at SIDN. “More than 60 percent of the traffic is still accounted for by Whois queries.” However, he notes that the existing Whois service has been using RDAP in the background for a long time now. “The Whois is simply a front end, connected to the RDAP infrastructure by means of middleware.”
Sanders elaborates on this point stating that “at the moment, we still call the website tool a Whois, because the name is very familiar to people in the industry”. In due course, we’ll probably change it to something like ‘domain name data lookup tool.”
The transition from Whois to RDAP marks more than just a technical upgrade. For Registries like SIDN, it reflects a broader shift toward structured, transparent, and more secure handling of domain registration data. By adopting RDAP, Registries gain the flexibility to tailor data access to different users, while making information easier for systems to process.
To visit SIDN, please click here. For further information, please contact David Taylor or Jane Seager.
In a recent decision under the Uniform Domain Name Dispute Resolution Policy (UDRP), a three-member Panel appointed by the World Intellectual Property Organization (WIPO) unanimously denied a Complaint filed by an Australian company, Redcat Pty Ltd, against an individual based in the USA concerning the disputed domain name redcat.com. The Panel not only dismissed the Complaint, but also issued a finding of Reverse Domain Name Hijacking.
The Complainant was the owner of several trade mark registrations in Australia, New Zealand and the United Kingdom in the term REDCAT, all registered in November 2024. No other information about the Complainant’s activity, the size of its business or its reputation was supplied, but the scope of the Complainant’s trade marks suggested to the Panel that the Complainant’s business involved the supply of IT services to the hospitality industry.
The domain name was registered on 7 October 1996. There was no evidence of it ever having resolved to an actual website. However the Respondent supplied evidence that he had used it for email since at least 1997 and had registered “Redcat” as a business name with the Oregon Secretary of State in connection with a technology and consulting venture operating under that name.
The Complainant had made an attempt to purchase the domain name, but had not received any response from the Respondent.
To be successful in a complaint under the UDRP, a complainant must satisfy the following three requirements under paragraph 4(a):
(i) the domain name registered by the respondent is identical or confusingly similar to a trade mark or service mark in which the complainant has rights; and
(ii) the respondent has no rights or legitimate interests in respect of the domain name; and
(iii) the domain name has been registered and is being used in bad faith.
As far as the first limb was concerned, the Panel agreed that redcat.com was confusingly similar to the Complainant’s trade mark, although it emphasised that it did not accept the Complainant's claim to have unregistered trade mark rights in the term Redcat as there was no evidence of this.
With regard to the second limb, the Panel found that the Complainant had failed to establish that the Respondent had no rights or legitimate interests in the domain name. The Respondent’s credible and persuasive evidence was sufficient to demonstrate that he obtained the domain name in 1996 for his own personal and business use without any knowledge of the Complainant.
Regarding the third limb and bad faith, the Panel found that the domain name was registered 28 years before the Complainant obtained any trade mark rights. As a result there could be no bad faith registration targeting the Complainant. The Panel underlined that there was no evidence to suggest that the Respondent had registered the domain name with knowledge of the Complainant's trade mark and therefore with the intention of taking unfair advantage of that trade mark. The Panel stressed that where a domain name is legitimately held, there is no obligation on the owner to reply to unsolicited inquiries, and such conduct cannot amount to bad faith. The Panel therefore found that the Respondent’s registration and use of the domain name was not in bad faith and the Complaint was denied.
In addition, the Panel found that the Complainant had engaged in Reverse Domain Name Hijacking, defined under the UDRP Rules as “using the Policy in bad faith to attempt to deprive a registered domain-name holder of a domain name”. The Panel noted that the Complainant knew or should have known that it could not succeed under the UDRP as the domain name had first been registered many years before its trade marks and consisted of two common English three-letter words. The Panel noted that the Complainant had initially tried to approach the Respondent to try and purchase the domain name, but in that correspondence it did not suggest that it had any prior rights. When the Complainant received no reply, it subsequently filed a Complaint based on passive holding, although it was misleading as it omitted the recent date of the Complainant’s trade mark registrations and contained minimal evidence. In the Panel’s view, the Complaint lacked any foundation for the allegations that the Respondent must have had the Complainant in mind when he registered the domain name.
Finally, the Panel pointed out that if the Complainant had taken competent legal advice, it should have appreciated that the Complaint had no realistic prospect of success If the Complainant did not take competent legal advice, it should have carried out some basic research as to what it needed to demonstrate and understood that it could not succeed.
This decision is a reminder to brand owners that the UDRP is not a “Plan B” solution following an unsuccessful purchase attempt. No matter how difficult it might be to find and negotiate with a domain name holder, filing a UDRP is not a realistic option without evidence of bad faith targeting. Whilst failure to make contact with a domain name owner is a common problem, in particular when it is not being used and the WhoIs contains no contact information, leveraging the UDRP is rarely a viable alternative.
The decision is available here.
In a recent decision under the Uniform Domain Name Dispute Resolution Policy (UDRP) before the World Intellectual Property Organization (WIPO), a Panel denied a UDRP Complaint for the disputed Domain Name startablog123.com. The Panel found that the Domain Name had not been registered or used by the Respondent in bad faith as it was believable that the Respondent acquired it based on its descriptive value rather than to exploit the Complainant's trade mark, if any, although the disputed Domain Name had likely been registered via drop-catching. In light of its finding under the third element and the cumulative nature of the three requirements under the UDRP, the Panel declined to make a finding under the first and second elements.
The Complainant, GW50, LLC d/b/a Trendline SEO, was a company based in the United States that provided search engine optimization (SEO) services. As at the time when the Respondent acquired the disputed Domain Name, the Complainant did not hold any registered trade mark rights or have any pending trade mark registrations for STARTABLOG123 or any variations of it.
The Respondent was an individual connected with the company Shared Domains OU based in Estonia. The Respondent had written articles about acquiring expired domain names for their SEO benefits and discussed the purchase of expired domain names, backlinks and private blog networks (PBNs) on a podcast episode released in August 2023. As noted by the Panel, both parties were sophisticated businesses involved in SEO.
The disputed Domain Name was previously held by a third party before being acquired by the Complainant on 13 March 2018 for USD 25,000. Between 2018 and 2023, the Complainant used the disputed Domain Name to resolve to a website that provided information on how to start a blog, including offering a beginner's guide to starting a blog and a link to a third-party web hosting service. The Complainant claims to have spent approximately USD 55,000 redesigning, expanding and renewing its website at the disputed Domain Name. The Complainant inadvertently let the disputed Domain Name lapse on 2 April 2025 and the Respondent registered it the following day, on 3 April 2025.
At the date the Complaint was filed, the disputed Domain Name resolved to a website that provided information about starting a blog, titled "StarB123 Your stellar start in blogging", as well as featuring blog posts dated prior to the date of registration of the disputed Domain Name, 3 April 2025. The website featured "team" information that the Panel noted appeared to be fake, and an address in New York that did not exist.
Before the filing of the Complaint in July 2025, in April and May 2025 the Complainant attempted to contact the Respondent via email with the intention of re-acquiring the disputed Domain Name. The Complainant did not receive any response from the Respondent. On 2 June 2025, the Complainant applied for a trade mark registration in the United States for STARTABLOG123, claiming a date of first use of at least as early as 13 March 2018. The Complainant has written about the loss of his domain name on an online blog post.
To be successful in a complaint under the UDRP, a complainant must satisfy each of the following three requirements:
The Complainant argued that it had common law rights in STARTABLOG123 dating back to 2018, that the Respondent was not commonly known by the disputed domain Name, with the website to which it resolved failing to offer any genuine content, displaying only thin AI-generated material. The Complainant also argued that UDRP panels had "routinely" found that the opportunistic drop-catching of a recently-lapsed domain name constituted bad faith.
In relation to the first element, the Respondent argued that the disputed Domain Name comprised generic and descriptive terms, with "start a blog" being a commonly used phrase in the blogging and digital marketing industry, and the numbers "123" being a non-distinctive numeric suffix. The Respondent also noted that at the time when he acquired the disputed Domain Name, the Complainant had no registered trade mark rights, nor had it demonstrated common law rights in "startablog123".
In relation to the second element, the Respondent argued that the use of domain names comprising dictionary terms consistent with their common meaning may support a finding of legitimate interests. The Respondent further argued that it had no knowledge of the Complainant nor any trade mark rights, registered or unregistered, when it registered the disputed Domain Name and did so based on its descriptive value rather than to exploit the Complainant's trade mark rights. The Respondent requested that the Panel consider making a finding of Reverse Domain Name Hijacking (RDNH).
The Complainant submitted a Supplemental Filing but, given that the filing did not adduce any new arguments over and above those already made in the Complaint, the Panel found that even if it were to consider the filing, it would not change the outcome of the proceeding.
Prior to setting out its legal findings, the Panel noted that an asserting party must support its factual claims with evidence and could not meet its burden by making conclusory statements unsupported by evidence.
In relation to the first element, the Panel found that the Complainant did not hold any registered trade mark rights and that a pending trade mark application did not satisfy the first element of the UDRP. The Panel noted that the Complainant had not provided any evidence that it had established reputation in STARTABLOG123, i.e., had not provided information as to the traffic to the website at the disputed Domain Name, advertising costs, the number of customers nor any revenue generated by the business. That said, in light of its findings under the third element of the UDRP, the Panel declined to make a finding under the first element.
The Panel also declined to make a finding under the second element, i.e., whether the Respondent had rights or legitimate interests in respect of the domain name, given its analysis under the third element. The Panel did, however, note that it was "troubled" by the Respondent's website at the disputed Domain Name, finding that it was "misleading and deceptive in several respects", which was not consistent with a website of a bona fide business.
In relation to the third limb, the Panel found that although drop-catching cases, by their very nature, involve the registrant of a disputed domain name being objectively aware that the domain name was held by another person immediately prior to its registration, effectively putting the registrant on notice that another person may have rights in a trade mark to which the domain name is identical or confusingly similar, not all drop-catching cases lead to a finding against the respondent. The Panel noted that each case should be reviewed on its own merits and found that in the present case, it was "believable" that the Respondent registered the disputed Domain Name based on its descriptive value rather than for the purpose of exploiting the Complainant's trade mark rights. In this regard, the Panel noted that the Complainant had no registered or pending trade mark rights in STARTABLOG123 at the time when the Respondent registered the disputed Domain Name and that the evidence of the Complainant's reputation in the term was "not strong to say the least".
The Panel also noted that another factor potentially evidencing bad faith use was the offering of a disputed domain name for sale. In the present case, the Panel found that there was no evidence that the Respondent had offered the disputed Domain Name for sale to the Complainant or to any other person.
The Panel agreed with the Complainant that the website at the disputed Domain Name was not bona fide and that the deliberate back-dating of posts meant that it was not a genuine publication, but instead a "façade designed to feign long-standing use". In the Panel’s view this could imply that the Respondent was aware of the traffic generated by the Complainant using the disputed Domain Name and had sought to profit from that ("to retain link equity", in the words of the Complainant), but the Panel held that this, in and of itself, did not demonstrate that the Respondent registered or used the disputed Domain Name in bad faith under the UDRP.
Finally, the Panel considered the Respondent's request for a finding of RDNH. The Panel found that this was not a case of RDNH, noting that the Complainant had made arguments, albeit unsuccessful, as to why the Complainant satisfied the three UDRP elements and had cited cases relating to drop-catching. The Panel noted that the lack of success of a UDRP Complaint is insufficient on its own to warrant a finding of RDNH.
This case underlines that domain name owners should consider carefully the steps needed to renew their domain name(s) as well as the potential risks of allowing their domain name(s) to expire, especially if they are or have been well known and/or generate a lot of traffic. In addition to ensuring that domains are placed on auto-renew, email addresses are monitored and expiry notices are acted upon in the first instance, domain name holders should also consider applying for registered trade marks as part of their brand protection strategy.
The decision is available here.
In a recent decision under the Uniform Domain Name Dispute Resolution Policy ("UDRP") before the World Intellectual Property Organization ("WIPO"), a panel denied a Complaint regarding the disputed domain name bisongreencash.com (the "Domain Name"), finding that the Complainant had failed to establish trade mark rights for purposes of standing under the UDRP.
The Complaint was filed by an individual in his capacity as the CEO of TLC Ops, based in the United States. The Complainant described itself as having been active in the financial lending industry since 2017. The Complainant stated that it had been operating its "Bison Green" financial lending business since 2017, with an official website at "www.bisongreen.com".
The Complainant produced evidence showing that another company, Yatta Outsourced Processing Solutions, Inc., doing business as TLC Ops, had filed an application before the United States Patent and Trademark Office for "BISON GREEN". The application was filed on 2 April 2025.
For purposes of the decision, the Panel treated the individual filing the Complaint together with Yatta Outsourced Processing Solutions, Inc., doing business as TLC Ops, as the Complainant.
The Domain Name was registered on 20 August 2024. The Domain Name resolved to a website in English offering instalment loans with the text, "Apply For Fast Loan – It's EASY! The smart choice for finding the perfect tribal loan from Bison Green Cash tailored to your needs."
To succeed under the UDRP, a complainant must satisfy the requirements of paragraph 4(a) of the Policy:
Identity or confusing similarity
The Panel noted that the Complainant had filed a trade mark application for "BISON GREEN" in the United States, but it had not been registered at the time of the decision. The Panel further held that a pending trade mark application does not establish trade mark rights under the UDRP.
The Complainant claimed common law trade mark rights based on business activities under the "BISON GREEN" brand since 2017. However, to establish such rights, the Complainant needed to provide evidence that the mark had become a distinctive identifier associated with its goods or services. The only evidence of common law rights provided by the Complainant was a screen capture of the website "www.bisongreen.com", which reflected the then-current content.
The Panel noted that the website "www.bisongreen.com" indicated that the business was operated by WLCC Lending BGL, doing business as Bison Green Lending, a Native American‑owned entity within the Pine Ridge Reservation of the Oglala Sioux Tribe. While the Complainant's address matched that of WLCC Lending BGL, there was no explicit evidence or claim of a relationship between the Complainant and WLCC Lending BGL. The Panel further noted that the entity that had submitted the trade mark application upon which the Complaint was based, Yatta Outsourced Processing Solutions, Inc., doing business as TLC Ops, was not mentioned on the website. Even if the Panel were to accept that there was a relationship between the Complainant and the entity listed on the website, WLCC Lending BGL, the Panel found that the Complainant had failed to demonstrate that the mark had acquired distinctiveness or secondary meaning. Notably, the website in question did not demonstrate historical use, sales, advertising, public recognition, or consumer surveys. As a result, the Panel concluded that the Complainant had not established common law trade mark rights for the purposes of the UDRP. The Complainant failed to satisfy the requirements of paragraph 4(a)(i) of the UDRP, and the Complaint would therefore fail.
Noting that the Complaint had failed under the first element, the Panel declined to enter findings under the second and third elements of the UDRP.
Comment:
This case highlights the importance of preparation, evidence, and clarity in UDRP Complaints. A pending trade mark application does not establish rights under the UDRP, and common law rights require substantial evidence, such as proof of use, sales, advertising, and public recognition. A complainant must clearly establish its relationship to the trade mark or brand, as inconsistencies in ownership or identity can weaken the case. Historical evidence of the mark's use is critical to demonstrate distinctiveness over time. Additionally, complainants should follow established precedent and ensure their case is well-documented before filing, as insufficient evidence or ambiguity can lead to a denial.
The full decision is available here.
Authored by the Anchovy News team.
Anchovy News editorial team:
Anchovy® - Global Domain Name and Internet Governance
Hogan Lovells offers a unique, comprehensive and centralised Paris-based online brand protection service called Anchovy® for global domain name strategy, portfolio management and global enforcement. We are the only law firm to be an ICANN-accredited registrar and we are accredited with a number of country-specific Registries worldwide.
We also specialise in all aspects of ICANN’s new generic Top Level Domain (gTLD) process and we are an agent for the Trademark Clearinghouse. As the global Domain Name System undergoes an unprecedented expansion, brand owners must revise their online protection strategies and we are ideally placed to guide them.