One of the things that a trademark owner has no choice but to be vigilant about is the risk that a bad person will try to steal the Amazon Brand Registry (“ABR”) rights connected with the trademark (blog article). The usual way that a bad person will try to do this is by changing the email address that is on file at the USPTO for the trademark registration, then carrying out the ABR validation procedure (which involves Amazon sending an email message with a Secret Code Number to the email address on file) and then using the Secret Code Number to appropriate the ABR rights. Recently one of my clients found itself the target of such an attempt. The Trademark Office’s protective measure did not work, but fortunately IP Badger’s protective mechanism detected that the Trademark Office’s protective measure had failed. Here is the sequence of events.
The trademark registered last October. The mark satisfies many of my favorite qualities. If you hear it spoken, you can confidently guess how to spell it. If you see it written, you can confidently guess how to pronounce it. It is only four letters. So far as I know, it does not mean “donkey poop” in any language anywhere in the world. The company that uses the mark (my client, located in a country outside the US) is very well known in its particular industry, under this name. Astonishingly, if you plug this four-letter mark into TESS, there are only two live matching filings, one of which is our client and the other of which is a company whose goods are in a completely different area and my best guess is the two companies will never collide.
So I can sort of see why a bad person might be motivated to try to steal the ABR rights for this mark. And indeed that’s what happened this past Wednesday.
On Wednesday, March 24, at 5:03 PM Eastern Time, the bad person e-filed a CAR form. This is the form that bad people use to change the email address of record from what it should be to the bad person’s email address.
Instantly, the USPTO computer system fired of a warning email to our firm letting us know that this had happened. It is of course a good thing that the USPTO system is programmed this way. The email from the USPTO system, sent to us at 5:03 PM Eastern Time on Wednesday, March 24, said:
We received a request to change the Primary Email Address for Correspondence to ░░░░░░░@gmail.com on 03/24/2021 for the serial or registration number(s) listed below. The Primary Email Address for Correspondence is the email address of the appointed attorney, if any, otherwise the email address of the trademark owner/holder.
View the submission in Trademark Status and Document Retrieval (TSDR). Enter the serial number in the box and click the blue ‘Documents’ button. Check for a document with the same date as this email.
If this change was not authorized, follow the instructions for reporting unauthorized changes to your application or registration.
Serial/registration numbers: ░░░░░░░
Because our client is not located in the US, I was not able to reach our client instantly to check on the legitimacy of this change of email address. I instantly fired off an email message to our client to inquire. Twelve hours later, at 3AM Mountain Time, we heard back from our client. No, our client had not authorized any such change. So at 3AM Mountain Time (5AM at the Trademark Office) on Thursday, March 25, I followed the “instructions for reporting unauthorized changes”. As many readers know, these instructions involve sending an email message to email@example.com and answering several questions, which is exactly what I did. I explained that this was the work of a bad person.
I figured what would happen next is that the nice people at firstname.lastname@example.org would do what it takes to pull the plug on the unauthorized change of the email address. Maybe this would happen on Thursday, March 25. Failing that, maybe this would happen on Friday, March 26.
But no. What happened instead is that today, Sunday, March 28, at 5:20 AM Mountain Time, I received an email alert from IP Badger. IP Badger notified me that the following events had occurred on this US trademark registration:
- 03/24/2021 APPLICANT/CORRESPONDENCE CHANGES (NON-RE…
- 03/24/2021 TEAS CHANGE OF CORRESPONDENCE RECEIVED
- 03/24/2021 ATTORNEY/DOM.REP.REVOKED AND/OR APPOINTE..
- 03/24/2021 TEAS REVOKE/APP/CHANGE ADDR OF ATTY/DOM…
- 03/24/2021 TEAS CHANGE OF OWNER ADDRESS RECEIVED
Prompted by this alert from IP Badger, I scrambled to look up the case in TSDR, and sure enough the bad person had succeeded. Today for the first time I had the opportunity to actually see the CAR form that had been e-filed by the bad person on March 24. I was able to see the e-signature, which was our firm’s name between the two virgules. From this it is painfully obvious that there is no way the person could have been authorized by the client to proceed (for example if the client had decided to fire our firm and hire a new firm). The new firm, if legitimate, would never have e-signed using our firm’s name.
Of course I immediately e-filed my own CAR form to try to wrest control of the trademark registration back to our firm. Unfortunately what almost certainly happened is that the USPTO immediately fired off a warning email to the bad person, letting them know that someone is trying to steal the registration away from them. Maybe the bad person will then send an email to email@example.com to tell them that I am the bad person. Even though the people at firstname.lastname@example.org ignored it when I tried to report a fraudulent change of email address, there is the danger that the people at email@example.com will (wrongly) spring into action this time and will pull the plug on my CAR form.
The other possibility of course is that the people at firstname.lastname@example.org might snooze through this CAR form just as they snoozed through the previous CAR form. When they snoozed through the previous CAR form, the result was that four days passed before the email address changed. So if they snooze through my CAR form that I e-filed today, likely at least four days will pass before the email address gets changed back to what it is supposed to be. Those four days of Trademark Office snoozing are more than long enough for the bad person to steal the ABR rights. It only takes about two days to steal ABR rights.
I am certainly glad that I was using IP Badger to monitor this US trademark registration. Were it not for IP Badger, I don’t know what my chances would have been at averting disaster for my client.