LUCY

There are several options to solve the problem with the "Deceptive site ahead" issue when the domain has been blacklisted by Google and to improve the Phishing Simulation Experience.

First of all, there's a procedure of verification and proving that the blacklisted domain is your property. Go to: https://www.google.com/webmasters/tools/security-issues and press "Add property now"

Enter the URL of the property that you'd like to verify and press "Continue".

Verify domain ownership via DNS record procedure interface would appear. From the dropdown menu choose your domain provider. Or select the option "Any DNS provider" for the TXT record whitelisting method. Sign in to your domain name provider and add a TXT record as instructed.

For more info please refer to the Google Page

Please note, that domain verification method is the recommended one. For more options please check the alternative methods available via URL prefix.

Upload an HTML file to your site.

This method should be used only in case the others did not resolve the issue with the blacklisted domain. In order to have a link for verification

http://your-domain/file-provided-to-verify​.html

your admin Lucy domain must be changed to the target one.

Warning! During the procedure there would be no access to the default Lucy's admin path (for example, access.cloudsuperservice123.com)

• Connect to your Lucy server and use the setup script to change the domain configuration:

python /opt/phishing/current/tools/setup/setup.py

• Choose 1. Current Configuration.
• Make sure to save somewhere the default domain so it can be restored in further steps.
• Choose 5. Domain Configuration.
• Enter the domain you would like to whitelist.
• Choose 8. Logout Setup Menu.
• Put the provided html file into the directory

/opt/phishing/current/web/

by pasting it or creating manually a full copy of the file.

• At this point confirm successful upload by visiting the link in your browser.
• And press Verify in the Google Search Console.
• After receiving the success confirmation message the domain can be restored to the default one.

For more info please refer to the Google Page

Add a meta tag to your site's home page.

For more info please refer to the Google Page

Use your Google Analytics account.

For more info please refer to the Google Page

Use your Google Tag Manager account.

For more info please refer to the Google Page

Now the target domain should be added to your property list here:

https://www.google.com/webmasters/tools/security-issues

Otherwise, it can be reached via page

https://search.google.com/search-console/welcome

Enter the target domain and press Continue. The notification should appear if the ownership was verified previously for the domain.

Here you can manage the issues with it, resolving security problems. Find the issue, request a review, and write a reason, that the site does not contain any harmful content. Please note, that the process might take a few days to finish. Usually, it's about 48 hours. After it's finished the notification email should be received containing the result of a request.