Phishing - Domain Integrity

1. Reputation & Blacklist Monitoring

Living Security continuously monitors its standard landing page domains across major:

• DNS-based blacklists (DNSBLs)

• URL reputation services like:

  • Google Safe Browsing

  • Microsoft Defender SmartScreen

  • Cisco Talos

  • FortiGuard

  • McAfee

  • Symantec

⚙️ This is typically done using automated scanning and alerting tools that regularly query these services and raise alerts if:

• A domain is blacklisted

• A reputation score drops

• A domain triggers warning pages

2. Audit and Review Process

Living Security has an internal audit process that includes:

• Daily automated checks of standard domains

• Human oversight for verification if issues are detected

• Quarantine or removal of flagged domains from the platform if confirmed as compromised or blacklisted

• Replacement or rerouting to backup/healthy domains if needed

🛡️ This ensures customers never unknowingly use compromised landing pages in live simulations.

3. SSL/TLS Health Checks

Every standard domain also goes through:

• SSL/TLS certificate health monitoring

• Renewal checks

• Browser compatibility testing

Browsers showing “insecure” or “not trusted” warnings can erode user trust and ruin the training value — so SSL integrity is a key part of the audit.

4. Internal Whitelisting & Security Monitoring

Living Security also:

• Submits domains to common security platforms (like Microsoft, Google, Mimecast) for early allowlisting

• Monitors feedback from customers who may report false positives or regional blocks