As I've written before, the Uniform Rapid Suspension System (URS) -- the domain name dispute policy applicable to the new generic top-level domains (gTLDs) -- is just not catching on. Whether because of its limited suspension remedy, high burden of proof or other reasons, the URS remains unpopular among trademark owners. However, there's one interesting use to which the URS can be put: as a variation of a preliminary injunction.

While a true preliminary injunction is typically a court order to preserve the status quo, sometimes an injunction is used as a stop-gap measure to prevent a party from suffering immediate irreparable harm unless certain action is taken. In court, a preliminary injunction precedes further judicial action in the same proceeding.

While the URS doesn't strictly fit this definition, it can be used to the same effect.

Here's how: While the URS (which allows a trademark owner to get a domain name temporarily suspended) and the Uniform Domain Name Dispute Resolution Policy (UDRP) (which allows a trademark owner to get a domain name transferred to itself) are typically thought of as separate ("either-or") legal remedies, they can be used in conjunction.

Specifically, paragraph 13 of the URS states:

The URS Determination shall not preclude any other remedies available to the appellant, such as UDRP (if appellant is the Complainant), or other remedies as may be available in a court of competent jurisdiction. A URS Determination for or against a party shall not prejudice the party in UDRP or any other proceedings.

As a result, a trademark owner can take advantage of both the quick suspension remedy of the URS (determinations are typically issued within about 17 days) as well as the long-term transfer remedy of the UDRP (which usually requires about two months to reach a decision -- plus an additional 10 business days before implementation). To do so, a trademark owner could file a URS complaint followed by a UDRP complaint after the disputed domain name has been suspended.

The result (assuming the trademark owner is successful in both proceedings): The disputed domain name is quickly suspended, preventing any further harm, and then later transferred, allowing the trademark owner to use the domain name as it wants or at least to permanently keep anyone else from using it.

At least one trademark owner who pursued this approach has found success. Yves Saint Laurent won a URS determination for the domain names <saintlaurent.club> and <ysl.club> on July 22, 2014, followed by a UDRP decision for the same domain names, against the same registrant, on April 18, 2016.

Importantly, the panel in the UDRP case had no problem in finding bad faith even though, at the time of the UDRP proceeding, the domain names were still associated with suspension pages (as a result of the earlier URS determination). Specifically, the UDRP panel wrote:

The Panel notes for completeness that it does not consider that the web pages associated with each of the disputed domain names in their suspended incarnation, each stating that the disputed domain name has been taken down pursuant to the URS, constitute any "use" by the Respondent which should have any effect upon the analysis of whether such domain name is being used in bad faith in terms of the UDRP. In the Panel's opinion, it is the Respondent's use prior to any such suspension that is the focus of this question, namely during the period when the Respondent was in a position to exercise control over the disputed domain names.

Accordingly, the domain names that were previously suspended under the URS were ordered transferred to Yves Saint Laurent under the UDRP. Although Yves Saint Laurent apparently waited about 20 months after the URS determination before filing its UDRP complaint (while the domain names were still suspended), there's no reason why a trademark owner couldn't proceed directly to the UDRP after (or even before) receiving a URS determination.

Given the minimal cost associated with a URS proceeding (the Forum's filing fees start at only $375), the one-two punch of the URS-UDRP approach may be something that more trademark owners should consider.

Although domain name disputes involving adult content are among the oldest types of cybersquatting schemes, it seems as if porn sites using someone else's trademarks are less common than in the past -- perhaps because cybersquatters have found more effective ways to monetize their domain names. Or perhaps because they've consistently lost domain name disputes where sex-related websites are involved. Despite this background and the recent trend, one UDRP case is notable: <badhellokitty.com>.

For the benefit of those who don't have young children, or weren't children themselves since the mid 1970s, "Hello Kitty" is a fictional character originally aimed at pre-adolescent girls whose image first appeared on a vinyl coin purse and now can be seen on everything from plush toys to diaper bags to dresses. The "Hello Kitty" brand is owned by a company called Sanrio, which says the character "loves to bake and she can make really delicious cookies."

The Los Angeles Times has described "Hello Kitty" as "a part of global popular culture" since 1974, and Wikipedia cites the Detroit Free Press for valuing the "Hello Kitty" brand at "about $7 billion a year."

Naturally, the character's value holds appeal for those who want to take advantage of it, regardless of their rights or the consequences of their actions.

Enter <badhellokitty.com>.

In a UDRP dispute filed by Sanrio, the panel said simply that the domain name was used by its registrant in connection with "adult oriented materials." A search of the Internet Archive's Wayback Machine (which UDRP panels often cite) shows that the domain name was previously used to promote a woman who describes herself as Mistress Kitty -- "a Fetish Professional" who specializes in such things as "Sensual Bondage" and whose "greatest joy" is in "helping someone realize their deepest, darkest fantasies."

(Interestingly, a photograph of Mistress Kitty shows her with a patch of pink across the front of her blonde hair -- similar to the pink ribbon that the Hello Kitty character always displays across her white head.)

The website using the <badhellokitty.com> domain name included photographs of Mistress Kitty performing some of her services with a nude man. Another page lists Mistress Kitty's fees, starting at $250 per hour.

Regardless of what anyone may think of Mistress Kitty, her services or the photos on her website, one thing is without question: The content is not suitable for children. And the UDRP panel readily agreed, entering an order with minimal discussion that the domain name should be transferred to Sanrio (which, presumably, will maintain the domain name registration but disassociate it from any website).

Of course, not all sex-related cybersquatting takes advantage of popular children's brands. But frequently, using a domain name that contains someone else's trademark in connection with adult-related content is not something that domain name panelists look upon favorably.

As one UDRP panel wrote many years ago, in a dispute against the popular cybersquatter John Zuccarini:

Respondent’s acts of typo-squatting and redirecting the Domain Name to pornographic websites do not qualify as a bona fide offering of goods or services.... Bad faith is further evidenced by Respondent’s use of the Domain Name to forward Internet browsers to websites featuring pornographic material.

The <badhellokitty.com> case is just one of the latest examples of cybersquatting and adult-related content. It also makes clear that anyone -- any trademark owner -- can be targeted by cybersquatters without regard to the impact on consumers.

Click above for a replay of the GigaLaw webinar, "Cybersquatting and Banking: How the Financial Services Industry Can Protect Itself Online." The webinar was presented live on May 11, 2016. In this free webinar, Doug Isenberg of GigaLaw and Craig Schwartz of fTLD Registry Services provide important information about how domain name fraud is affecting the financial services industries, including banking and insurance, and what businesses and consumers can do to protect themselves online. While some new top-level domains (such as fTLD’s .BANK and .INSURANCE) provide protection for trademark owners, the availability of nearly 1,000 new TLDs is also creating new opportunities for cybersquatters.

As recent news reports indicate, online banking scams are leading to multi-million-dollar losses, so the need has never been greater to safeguard the future of conducting financial transactions on the Internet.

This webinar will explain how trademark owners in the financial services industry (and other frequently targeted business sectors) — as well as anyone who interacts with these industries online — can proactively protect themselves against cybersquatting and use important rights protection mechanisms such as the Uniform Domain Name Dispute Resolution Policy (UDRP) and the Uniform Rapid Suspension System (URS) to respond to online attacks.

Playing time is approximately one hour.

Related blog posts:

• The Growing Threat of Cybersquatting in the Banking and Finance Sector
• The Hope and Threats of New Domain Names for the Financial Services Sector
• Old Cybersquatting Tactic is New Again: A Case Study from the Banking Industry

Many trademark owners are continuing to fall for one of the oldest tricks in the cybersquatter's handbook: Failing to register a domain name that contains "www" as its first three characters. To be clear, I'm referring to a second-level domain that includes "www" in it -- not a web address (or URL) that uses "www" at the beginning as a third-level domain.

For example:

• In the URL www.bankofamerica.com, the relevant (second-level) domain name -- that is, the portion that is (or, rather, was) available for registration to anyone -- is simply "bankofamerica".
• In the URL wwwbankofamerica.com (without a dot between "www" and "bankofamerica"), the relevant (second-level) domain name is actually "wwwbankofamerica".

The difference in the above two examples is that the second one ("wwwbankofamerica.com") includes the characters "www" as a part of the domain itself. And, as a panel under the Uniform Domain Name Dispute Resolution Policy (UDRP) wrote in one of the earliest decisions addressing this type of activity, <wwwbankofamerica.com> "takes advantage of a typing error (eliminating the period between the www and the domain name) that users commonly make when searching on the Internet."

Since Internet users commonly, and unintentionally, "drop the dot," they end up at a website that may be unrelated to the website they were seeking. In the nearly 16-year-old Bank of America case, the domain name registrant "transport[ed] users to a website that [wa]s designed to derive revenue and profits from the banner ads and other commercial content," according to the UDRP decision.

Despite the age of the Bank of America UDRP decision, cybersquatters are still registering domain names that contain an unnecessary and misleading "www" -- because trademark owners still forget to register those variations of their trademarks as domain names. Recent UDRP decisions include those involving the following domain names:

• <wwwcalbanktrust.com>
• <wwwlegoworlds.com>
• <wwwnetbet.com>
• <wwwallianzworldwidecare.com>
• <wwwthehartford.com>
• <wwwcarrefour.com>
• <wwwfurla.com>
• <wwwathenahealth.com>
• <wwwmicrosoftword.com>
• <wwwchoicehotels.com>

In an variation on the same theme, some cybersquatters register domain names containing "www-" at the beginning (to catch Internet users who mistype a dash instead of a dot). Recent UDRP decisions in that scheme include those involving the following domain names:

• <www-lendingtree.com>
• <www-youtubeaccelerator.com>
• <www-capitalonebank.com>
• <www-exness.com>

In all of the UDRP decisions for the domain names listed above, the trademark owners prevailed, obtaining orders transferring the domain names away from the cybersquatters. But, in some (if not all) cases, not before damage was done. In the Choice Hotels case, for example, the trademark owner alleged that the domain name "resolve[d] to either third-party websites offering competing hotel reservation services or sites comprised of pay-per-click links to competing hotel reservation services," according to the UDRP decision, apparently resulting in lost business. Similarly, in the Capital One case, the domain name directed Internet users to "competing services."

UDRP panels typically have no reluctance to find such "www" domain names confusingly similar to the relevant trademarks. In the Carrefour case, for example, the panel wrote: "The similarity between the mark and the disputed domain name is obvious and does not require elaboration."

In addition, UDRP panels often find inclusion of "www" in a domain name containing a third party's trademark to constitute evidence of bad faith, in and of itself. Such a practice "is an obvious case of typosquatting," as the panel in the Furla case said.

In other words, these "www" domain names are typically strong UDRP cases for trademark owners, even if some of them could have been avoided in the first place by strategic domain name registrations.

A just-launched ICANN "working group" (of which I am a member) will -- eventually -- help to determine the future of the Uniform Domain Name Dispute Resolution Policy (UDRP), the 17-year-old domain name arbitration system that has been embraced by trademark owners and criticized by some domainers; as well as the Uniform Rapid Suspension System (URS), the new (and limited) arbitration process that applies to the new gTLDs. The Policy Development Process Working Group has been chartered by ICANN's Generic Names Supporting Organization (GNSO) Council to review the rights-protection mechanisms (RPMs) that have been developed for all generic top-level domain names (gTLDs). Despite the numerous acronyms necessary to describe the group, the charter is relatively straightforward and includes two phases:

• Phase One will focus on "a review of all the RPMs that were developed for the New gTLD Program" -- including "the Uniform Rapid Suspension System (URS); the Trademark Clearinghouse (TMCH) and the associated availability through the TMCH of Sunrise periods and the Trademark Claims notification service; and the Post-Delegation Dispute Resolution Procedures (PDDRPs)."
• Phase Two will focus on "a review of the UDRP" -- which the charter notes "has not been subject to comprehensive review."

The list of potential questions the group will address include important issues, such as:

• Should UDRP complaints be subject to a statute of limitations?
• Are domain name registrants' free speech rights adequately protected under the UDRP?
• Should the UDRP's requirement that a domain name be "registered and is being used in bad faith" be changed to registration or use in bad faith, as under some other domain name dispute policies?
• Should UDRP panels be able to award monetary damages?
• Should default judgments be available if a domain name registrant fails to file a response?
• Should complainants face penalties for "reverse domain name hijacking" -- that is, when the UDRP has been used in bad faith?
• Should the URS allow for a "perpetual block" of a domain name, not just a temporary suspension?

And these are just a few of the nearly 100 "potential issues for consideration" listed in the group's charter.

Given its large (and, in many cases, surely controversial) agenda -- and, in any event, like all ICANN activities -- this RPM working group likely will take a long time before issuing its reports; one of the group's anticipated three co-chairs suggested during the first phone call that it would probably be "late 2017" before Phase One is complete -- and even that timing could be optimistic. Plus, any resulting recommendations ultimately must be approved by the ICANN board, as set forth in the GNSO Policy Development Process (PDP) .

As a result, although it's impossible to know what the RPM working group will decide on any of the topics on its plate, it's safe to say that no changes to the UDRP or the URS are imminent.

Fact: A company called Rocketgate PR LLC, which owns a U.S. registration for the trademark ROCKETPAY, filed two UDRP complaints on the same date against two different domain name registrants -- for the domain names <rocketpay.com> and <rocketpays.com>. (The only difference is that the latter domain name is plural.) In both cases, the disputed domain names were associated with inactive websites. The UDRP cases were assigned to two different panelists, who issued their decisions one day apart.

Surprise: Rocketgate won one of the UDRP cases and lost the other one. And, no, the singular v. plural domain names had nothing to do with the different outcomes.

While critics are quick to blame UDRP panelists for inconsistent decisions, the Rocketgate cases are easily distinguishable. And, they provide a good reminder about a fundamental requirement of the UDRP as well as the need to submit complaints that are well-argued (at least, where the facts make such arguments appropriate).

So, why did Rocketgate receive a split decision in these cases? The answer, actually, is very simple.

Registration Dates Matter

In both cases, the panels found that Rocketgate prevailed on the first of the three UDRP elements, that is, that the disputed domain names were identical or confusingly similar to a trademark in which Rocketgate held rights. As the panel in the <rocketpays.com> decision wrote, the additional letter "s" (which does not appear in the ROCKETPAY trademark owned by Rocketgate) was irrelevant, noting that "such a minor spelling alteration" cannot "negate a finding of confusing similarity which is otherwise present as it is in this case."

However, in the <rocketpay.com> case, which Rocketgate lost, the panel found that Rocketgate failed on the second element of the UDRP, which requires a complainant to establish that the respondent has "no rights or legitimate interests in respect of the domain name" -- because the domain name was registered in 2002, more than 12 years before Rocketgate began using the ROCKETPAY trademark.

Indeed, as the <rocketpay.com> decision reports, the respondent argued that "unless he was a 'psychic', he could not have registered a domain name to tarnish a trademark filed 12 years later."

This is consistent with the WIPO Overview of WIPO Panel Views on Selected UDRP Questions, Second Edition, which addresses the question of whether a domain name registrant acts in bad faith (the third UDRP element) if it registers a disputed domain name before the complainant's trademark rights arose:

Generally speaking, although a trademark can form a basis for a UDRP action under the first element irrespective of its date..., when a domain name is registered by the respondent before the complainant's relied-upon trademark right is shown to have been first established (whether on a registered or unregistered basis), the registration of the domain name would not have been in bad faith because the registrant could not have contemplated the complainant's then non-existent right.

In the other Rockegate UDRP decision (for <rocketpays.com>, which Rocketgate won), the domain name was registered much more recently -- eight days after Rocketgate established trademark rights in the ROCKETPAY trademark, according to the decision. In that case, the panel found the timing of the domain name registration significant and indicative of "opportunistic bad faith." The panel said, "it can scarcely be a coincidence that Complainant began using the ROCKETPAY mark on October 1, 2014 and Respondent registered the domain name on October 9, 2014."

Two Important Lessons

The Rocketgate decisions provide important lessons about domain name disputes under the UDRP.

First, the facts of every case are always important. Just because a domain name is identical to a trademark does not mean that the trademark owner will prevail. As the Rocketgate decisions make clear, this is only one of three equally significant tests under the UDRP, and the trademark owner must win on all three elements to win the dispute.

Second, both of the Rocketgate decisions provide important reminders that every UDRP case must be supported by appropriate facts and legal arguments. Even in the case that Rocketgate won, the panel criticized Rocketgate for its weak complaint, at one point noting that "Complainant has not provided evidence of this allegation" and at another point admonishing Rocketgate that "parties and their advisers are reminded that they should adduce evidence of all allegations made."

Perhaps the real surprise in this pair of cases is not that Rockegate lost one of them, but that Rocketgate won one of them. The split decisions should encourage trademark owners to pick their cases carefully -- and then argue and support them forcefully.

In the early days of domain name disputes (that is, the mid-1990s), cybersquatters targeted trademark owners by registering exact trademarks in the .com top-level domain (TLD) -- often, because a trademark owner had not yet heard (or appreciated the potential) of the Internet. A writer for Wired magazine famously registered <mcdonalds.com> and, in an article in October 1994, wrote about how he struggled to educate the fast-food chain about domain names. "It's easy to find an unused domain name, and so far, there are no rules that would prohibit you from owning a bitchin' corporate name, trademarked or not," Joshua Quittner wrote almost 22 years ago, before most of the public really knew about domain names.

Indeed, many of the early decisions under the Uniform Domain Name Dispute Resolution Policy (UDRP) involved so-called exact-matches of well-known trademarks: <christiandior.com>, <encyclopediabrittanica.com>, <general-electric.com>, <baileysirishcream.com>, <hamburgerhamlet.com>, <stanleybostitch.com>, <greenbaypackers.com>, <southerncompany.com> and many, many more.

The Evolution of Cybersquatting

But then, as trademark owners woke up to the Internet, they proactively registered their primary trademarks as domain names if they were still available. Or, they used the UDRP or the courts to wrestle them away from cyberquatters. And, then even tried to get a step or two ahead of the cybersquatters by registering in less-popular TLDs such as .net and .org.

As a result, cybersquatting evolved. Exact-matches became less popular, and "typosquatting" -- that is, the registration of a domain name that contains a typographical variation of a trademark, such as <plaboy.com> and <wallstreetjouranl.com> -- took off. Cybersquatters also began to register domain names that contained words in addition to a trademark (such as <lexuschicago.com> and <gayebay.com>). None of these changes eliminated cybersquatting (indeed, the number of UDRP complaints continues to rise), they just changed the landscape.

Now, the arrival of hundreds of new TLDs is making the old form of cybersquatting new again.

The Case of comerica.mortgage

For example, Comerica Bank, which uses the <comerica.com> domain name (created September 1995) recently filed a UDRP complaint for the domain name <comerica.mortgage>.

According to the UDRP decision, Comerica is one of the 35 largest U.S. financial and bank holding companies, with more than $71 billion in assets with offices in Canada and Mexico, in addition to the United States. It began using the COMERICA trademark in 1982 and owns numerous United States registrations for the mark. In addition to using the <comerica.com> domain name, Comerica also wisely registered <comerica.net> and <comerica.org> (both created February 1998).

Despite its size and apparent Internet savvy, Comerica did not register <comerica.mortgage> when the .mortgage TLD was launched in 2014. While it's unclear why Comerica chose to pass on this domain name, someone else registered it and, according to the UDRP decision, "offered to sell the disputed domain name to [Comerica] at a price higher than what he paid for it" and also "redirect[ed] [it] to a website where Respondent offers other domain name names for sale."

Fortunately for Comerica, the UDRP panel had no problem finding that the bank satisfied all three elements of the domain name dispute policy, that is:

• The domain name <comerica.mortgage> is confusingly similar to the COMERICA trademark. Indeed, the panel wrote that "the addition of the '.mortgage' gTLD serves to enhance the likelihood of confusion because it references the field in which Complainant operates." (As I've written before, the TLD has increasingly become an important factor in some UDRP disputes. See, "When is the Top-Level Domain (TLD) Relevant in a Domain Name Dispute?")
• The registrant of the <comerica.mortgage> domain name had no rights or legitimate interests in it because Comerica "ha[d] not licensed or otherwise permitted Respondent to use the COMERICA Mark, and... there is no evidence that Respondent has been commonly known by the disputed domain name. Further, the Panel finds that Respondent’s use of the disputed domain name to redirect to a website which Respondent is using to sell other domain names is not a bona fide use."
• The <comerica.mortgage> domain name was registered and used in bad faith because, among other things, the .mortgage TLD "references [Comerica's] business" and the registrant "intentionally attracts Internet uses to Respondent’s own website by creating a likelihood of confusion with Complainant’s mark, and he commercially benefits from this confusion by offering domain names for sale at this website."

As a result, the UDRP panel ordered transfer of the <comerica.mortgage> domain name to Comerica, and Comerica now simply redirects it to its existing website at www.comerica.com.

Interestingly, however, Comerica does not control the exact-match of its trademark in other new TLDs, such as .money, .fund or .financial. Although these domain names have not been registered by Comerica, they also haven't been registered by anyone else -- which means that Comerica may find itself filing additional UDRP complaints in the future. Indeed, in addition to <comerica.mortgage>, Comerica also already has filed (and won) a UDRP complaint for <comerica.xyz>. (Although the .xyz TLD does not necessarily relate to the banking and financial services industry, it has proven to be one of the more popular new TLDs.)

What to Do

As the Comerica decisions make clear, cybersquatters are finding new opportunities in the new TLDs. And, Comerica is certainly not alone, as other trademark owners -- not only in the banking and financial services sector, but in virtually all industries -- need to pay renewed attention to how domain names affect their brands.

It['s still early in the launch of new TLDs, but cybersquatters often stay one step ahead of trademark owners. So, for those companies that fail to register their trademarks in the new TLDs and later find problems, the UDRP -- and, to some extent, the Uniform Rapid Suspension System (URS) -- should prove to be very helpful.

If a website uses a domain name containing the word "bank," is it really a bank? The answer may be as puzzling as the ancient thought-provoking philosophical question, "If a tree falls in a forest and no one is around to hear it, does it make a sound?" With the rising problems that banks and other financial institutions are facing online, the question is becoming increasingly important.

Fortunately, there's a (relatively) short answer to the bank domain name question. Unfortunately, it's like the answer to many legal questions: It depends.

It depends where in the domain name the word "bank" appears:

• If the word "bank" is a part of the second-level portion of the domain name, such as <bankofamerica.com>, then the corresponding website may or may not be for a real bank. (To be clear, the domain name I just cited as an example is indeed used by Bank of America -- a real bank.) That's because second-level domain name registrations in most top-level domain names (such as .com) are not restricted. In other words, anyone can register a second-level domain containing the word "bank" in the .com top-level domain.

• On the other hand, if the word "bank" is actually the top-level domain (TLD) -- that is, .bank -- then the domain name must be associated with a website for an actual bank or related entity. That's because the .bank TLD, operated by fTLD Registry Services (which also operates .insurance), is restricted. Specifically, fTLD's Registrant Eligibility Policy for .bank states that .bank domains are available only for "[s]tate, regional and provincial banks that are chartered and supervised by a government regulatory authority," or certain other qualified banks or bank-related entities.

The distinction is an important one.

That's because many domain names with the word "bank" in the second level are not registered by banks and, instead, have been used to conduct various scams. For example, the domain name <capitallbank.com> was used by a cybersquatter (not by Capital Bank) to "conduct a phishing scheme designed to obtain sensitive personal and financial information" from Capital Bank's customers.  Other domain names, such as <amgybank.com> and <td-bank-support.com>, have been used by cybersquatters to provide banking-related links that were not necessarily associated with the obvious trademark owners (that is, Amegy Bank and The Toronto-Dominion Bank).

Fortunately, all of the domain names in the preceding paragraph, which were once registered by cybersquatters, were transferred to the real banks through proceedings under the Uniform Domain Name Dispute Resolution Policy (UDRP).

Real banks apparently are finding the .bank TLD attractive. For example, Badger Bank in Wisconsin is now using the domain name <badgerbank.bank> because " banking staff knew that instituting a .BANK domain name would help solidify its strategic plan of focusing on cybersecurity measures to better serve its customers."

But, not all of the new gTLDs are restricted, including many of those that might be attractive to banks or other financial service providers. For example, .creditunion is intended for use only by "organizations that have a nexus with the credit union sector." But .creditcard is unrestricted.

Given the long list of new gTLDs that are associated with the banking and financial services industries -- such as .accountant, .broker, .financial, .fund, .markets, .money, mortgage, .netbank and .trading (just to name some!) -- the potential for confusion (by both trademark owners and their customers) is apparent.

Additionally, many of the hundreds of other new gTLDs that have nothing to do with the financial services sector are being used by cybersquatters. For example, banks already have filed and won UDRP complaints for the domain names <dollarbankloancenter.xyz>, <citibank.porn>, <hancockbank.online> and <tdbank.email>.

Thus, it is apparent that the new gTLDs are providing both opportunities and significant new risks for banks and other financial service providers. As a result, these organizations must become even more vigilant in policing domain names that violate their trademarks , to protect their customers as well as the future of their ability to safely conduct business online.