Trademark and Cyber Crime: When Domain Names Become a Weapon

Introduction

In this hyper connected world, which works more virtually than in physical mode, the domain name becomes far more than a mere web address. It becomes the face of a brand with reputational assets, commercial gateways, a digital store, and a point of trust between business and its consumer that becomes a form of trademark for the company. A coin always has two sides and here, these web addresses and domain names are misused in the cyber crime world where, phishing, cybersquatting, online scams threaten trademark holders and consumers alike. There have been instances where deceptive look-like sites erode trust and hijack reputation and where it becomes more than a name to a weapon in this new battleground of trademark protection. This article explains how trademarks are misused by various online scams and cyber crime practises. It explores the legal landscape in India with the laws, provisions, and remedies under the Information Technology Act, 2000, Trademarks Act 1999, and UDRP (Uniform Domain-Name Dispute-Resolution Policy). Looking at the policies globally along with landmark cases and examples and then offering a looking approach to tackle these threats in the different age where how can the domain name protect itself from cyber threats.

Understanding the Intersection of Trademarks and Domain Names

Domain names are similar to technical names, which is an identity of one’s business online in the form of user-friendly internet addresses, which are commonly used to find websites. They are created and registered in the domain name system and perform the same function as a trademark. As per the section (1) (zb) ^[1]Of the trademark act, 1999, trademark refers to any mark which is capable of being represented graphically and is able to distinguish the goods of service of one person, from those of others. The trademark is a mark that is used to protect traders and consumers against malafide use or adoption of others, well-known trademark to deceive general public to avail and fruitful benefits in the market as per case of the Cadbury India Ltd and others v. Neeraj food products.^[2]

In Satyam Infoway Ltd. v. Sifynet Solutions Pvt. Ltd.^[3] Which was a matter related to internet domain names, where the question was, whether the intellectual property rights such as trademarks, include domain names or not. In this case, the Supreme Court held that domain names not only serve as addresses for internet communication but also identify the specific internet site and distinguish specific businesses for services of different companies. It was held that these are not just addresses but business identify and they are entitled to trademark protection .These domain names are recognised as trademarks, both registered and unregistered and protected through concepts like passing off provided that they are distinctive and not deceptively similar to existing marks and should not be misused in bad faith.^[4]

Cybercrime and Trademark Misuse via Domain Names

Phishing and Identity Theft

There are various fraud domain mimic websites which ask for financial data and unsuspecting users by sharing their sensitive data, passwords of banking details and their credentials. Fake passing off domains, such as “hdfcbank-login.com” used to steal customer credentials by representing itself as HDFC official site.

Cybersquatting

The cybersquatting refers to the practice of registered names, identical or confusingly similar to trademarks with a bad faith intent. Definition of deceptively similar is given in section 2.(1)(h)^[5] of the trademarks act means that a mark would be considered deceptively similar if the mark resembles so near and is likely to deceive or cause confusion, which means that the trademarks are not identical and if they are resembling very close to mislead the public, they would be considered as deceptively similar^[6]

It isn’t that way as they try to mislead the customers, and at times, intend to sell it back to the rightful owners. In the case of Bombay High Court, Rediff Communication v. Cyberbooth barred the use of radiff.com, calling it deceptively similar to rediff.com. And similarly Yahoo Inc. v. Akash Arora,^[7] where “yahooindia.com” was restrained for being deceptively similar to “yahoo.com.”

Typo-squatting and Meta Tag Abuse

Typo-squatting refers to usage of simple spelling errors, which redirect users to fraudulent pages and manipulate search engine results. Various other names are also hidden on the website. Quotes are used for misleading consumers while skirting detection. Domain names like. amazon.in” fall under this category.

Legal Remedies in India

1. Trademarks Act, 1999: Has provisions related to trademark protection and infringement, where the infringement by the use of identical deceptively similar mark including domain names is prohibited as per section 29^[8]. Further the section 135 provides legal remedies such as injections, damages, and accounts of profits in case of violations.^[9]
2. Information Technology Act, 2000: The IT act, section 66 of the information technology act 2000 majorly deals with punishing identity type including personation via domain names. It also addresses cheating by personation through fraud websites under section 66C and section 66D^[10], respectively.
3. INDRP Indian Domain Name Dispute Resolution Policy^[11] (India-specific UDRP):The Indian domain name dispute resolution policy is administered by national internet exchange of India where the complaints must prove that there was trademark rights and there is no legitimate interest by the registerer and the registration was done in bad faith and bad intent to use. It Provides cost-effective and swift mechanism where within 2 to 3 months, the transfer or capitation of infringing domain is done.^[12]
4. International Framework: UDRP Uniform Domain Name, Dispute Resolution Policy^[13] :Administered by ICANN and WIPO for global domains like .com, .org. There is a three prolonged test where it is required to prove that the domain name is identically or confusingly similar to trademark and it has no rights or legitimate interest in the domain name, and it is being used in bad faith. The decisions are binding and are usually given within the period of 60 days.

Key Indian and International Case Law on Domain Name Protection

In the landmark case of Satyam Infoway Ltd. v. Sifynet Solutions Pvt. Ltd., it was informed that domain name serves as business identity, and they are entitled for protection. It was also held that even in the situation of unregistered trademark, the unauthorised use of deceptively similar would amount to passing off, this case laid the foundation of the Indian cyber intellectual property laws.

Similarly, in Yahoo Inc. v. Akash Arora, the Delhi High Court, restrain the use of yahooindia.com,” by granting an injunction order because it was held that holding such deceptive similarity amounts to misappropriation of goodwill along with that, the court also held that the importance of brand integrity in digital space is necessary.

The Bombay High Court in Rediff Communication Ltd. v. Cyberbooth^[14] held that the domain “radiff.com” was confusingly similar to “rediff.com,” and restrained its use. It recognises the importance of domain names and their relationship with reputation.

Likewise, in Flipkart Internet Pvt. Ltd. v. FlipkartShopping.com^[15], There was a dispute related to the Flipkart where there was unmistakable evidence that there was bad faith registration to mislead consumers where the domain name Flipkart shopping.com, was given to Flipkart

On the international front, UDRP proceedings in Microsoft Corp. v. Mike Rowe (popularly known as the “MikeRoweSoft” case)  ^[16]It was held that the domain was being transferred to Microsoft because it is confusing similarity and determined that it would lead to loss of profit and reputation to the tech giant.

Finally, in the case of Nicole Kidman v. John Zuccarini, ^[17]the WIPO Arbitration and Mediation Centre ordered the transfer of “nicholekidman.com” as domain name to the actress, recognising that the domain has bad faith, by registration of celebrity is for commercial game and impersonation.

Practical Implications and Industry Relevance: Why this problem is making more relevance

Due to the misuse of domain names, the brand erosion takes place which is the brand exclusivity and the unique identity of the brand. It also leads to consumer confusion where fake sites trick users along with eroding public confidence. Apart from this, due to various litigation companies have to face expensive costs and time in the process of litigation and arbitrations. In various other cases, international enforcement remains time consuming and uncertain with companies often paying heavy prices to reclaim their domains.^[18]

Recommendations and Way Forward

1. Strengthening Legal Frameworks
   • Currently, there is no dedicated law related to cyber crime and cyber threats, which also covers the intellectual property rights protection in cyber space. However, there is requirement in the Information Technology Act 2000 to explicitly recognise the main names and protect them from misuse of activities such as cyber crime and impersonation and online scams^[19]
   • They could also be specific provisions related to domain name under the trademark act 1990, which could address digital threats. With more and more multinational corporations and online businesses that’s spread across various countries across borders, corporation, and management of UDRP is required and there should be set rules and regulations and enforcement to protect the domain names.^[20]
2. Enhancing INDRP Mechanism: Improve the transparency and accessibility of INDRP decisions ^[21]and also including experts or a panel of arbitrators in cyber law and Digital forensics. Even penalties and fines are required to deter such practices.
3. Proactive Brand Protection Strategies, Public Awareness: Various brands can be protected by early trademark registration across multiple jurisdictions, and there could be legal awareness for small businesses on domain name risks.^[22]

Conclusion

There has been a continuous and growing misuse of domain names as the cyber crime practises such as phishing, cybersquatting, and online scams but not just merely used as a technical issue or a typographical error, but they harm the legal reputation and undermine consumer trust.

India has evolved to treat domain names as trademarks, but yet there are gaps in enforcement and policy clarity. There are various remedies under the Trademark Act of 1999 and Information Technology Act of 2000 and dispute resolution mechanisms like INDRP and UDRP, where trademark owners can reclaim their digital identity. However, a forward-looking approach is required where there is legislative reform and the specific laws to the cyber intellectual property rights are to be created, where there is strong, institutional strength and proactive laws with penalties and fines. The era is ever expanding which requires the law to evolve with it.

Author:- Anupriya Kushwaha, in case of any queries please contact/write back to us atsupport@ipandlegalfilings.com or   IP & Legal Filing.

[1] Trade Marks Act, § 2(zb), § 29, § 135, No. 47, Acts of Parliament, 1999 (India).

[2] Cadbury India Ltd. and Ors. v. Neeraj Food Products, 2007 (35) PTC 95 (Del).

[3] Satyam Infoway Ltd. v. Sifynet Solutions Pvt. Ltd., (2004) 6 SCC 145.

[4] Samridhi Dhir, Domain Name Disputes in India – Legal Remedies & Resolution, KANAKKUPILLAI (July 2, 2025), https://www.kanakkupillai.com/learn/domain-name-disputes-in-india/  (last visited July 10, 2025).

[5] Trade Marks Act, § 2(1)(h), No. 47, Acts of Parliament, 1999 (India).

[6] Nikhil Mishra & Damini Sharma, Cybersquatting and Trademark Issues: An Analysis with Reference to India, MANUPATRA (2021), https://docs.manupatra.in/newsline/articles/Upload/732b8573-24a1-4cb3-b98d-60a6fa364c0a.pdf  (last visited July 10, 2025).

[7] Yahoo Inc. v. Akash Arora, 1999 SCC OnLine Del 1134.

[8] Trade Marks Act, § 29, § 135, No. 47, Acts of Parliament, 1999 (India).

[9] Anish Sinha, Understanding Cybersquatting and Trademark Infringement: Legal Challenges and Remedies, LEGAL WIRES (Sept. 19, 2024), https://legal-wires.com/lex-o-pedia/understanding-cybersquatting-and-trademark-infringement-legal-challenges-and-remedies/  (last visited July 10, 2025).

[10] Information Technology Act, § 66C, § 66D, No. 21, Acts of Parliament, 2000 (India).

[11] INDRP (Indian Domain Name Dispute Resolution Policy), NATIONAL INTERNET EXCHANGE OF INDIA, https://www.registry.in/indrp  (last visited July 13, 2025).

[12] Akshay Agarwal, Cybersquatting and Trademark Issues: An Analysis With Reference To India, SATYAKI LEGAL (2024), https://satyakilegal.com/cybersquatting-and-trademark-issues-an-analysis-with-reference-to-india/  (last visited July 10, 2025).

[13] Uniform Domain Name Dispute Resolution Policy (UDRP), INTERNET CORPORATION FOR ASSIGNED NAMES AND NUMBERS (ICANN), https://www.icann.org/resources/pages/policy-2024-02-21-en  (last visited July 13, 2025); see also WIPO, https://www.wipo.int/en/web/amc/domain-name-disputes/guide/index  (last visited July 13, 2025).

[14] Rediff Communication Ltd. v. Cyberbooth, 1999 SCC OnLine Bom 93.

[15] Flipkart Internet Pvt. Ltd. v. FlipkartShopping.com, INDRP/1020 (2017).

[16] Microsoft Corp. v. MikeRoweSoft.com, WIPO Case No. D2004-0073.

[17] Nicole Kidman v. NicholeKidman.com, WIPO Case No. D2000-0009.

[18] Himani Makkad, Trademark Law in Cyberspace: Protection to Internet Address, THE LAW BRIGADE (2019), https://thelawbrigade.com/wp-content/uploads/2019/05/Himani-Makkad.pdf  (last visited July 10, 2025).

[19] National IPR Policy, MINISTRY OF COMMERCE & INDUSTRY, https://pib.gov.in/PressReleasePage.aspx?PRID=1941489 (last visited July 13, 2025).

[20] Exploring Intellectual Property Provisions Under the IT Act: Balancing Cyber Law and IPR Protection in India, INTEPAT IP BLOG (Feb. 4, 2025), https://www.intepat.com/blog/exploring-intellectual-property-provisions-under-the-it-act-balancing-cyber-law-and-ipr-protection-in-india/ (last visited July 13, 2025).

[21] Uniform Domain Name Dispute Resolution Policy (UDRP), INTERNET CORPORATION FOR ASSIGNED NAMES AND NUMBERS (ICANN), https://www.icann.org/resources/pages/policy-2024-02-21-en  (last visited July 13, 2025).

[22]Indian Domain Name Dispute Resolution Policy, Rules & Enforceability, LEXOLOGY (July 22, 2024), https://www.lexology.com/library/detail.aspx?g=05cbf827-2456-4f6a-be74-e8ffe900f96b  (last visited July 13, 2025).