Lucy Awareness
Visit our WebsiteContact Support
  • Wiki Overview
  • Guides
    • Quick Guides
      • Create Your First Campaign
        • Adding a New Client
        • Register an Attack Domain
        • Campaign Setup
          • Selecting an Attack
          • Attack Settings
          • Awareness Settings
          • Recipients
          • Review
        • Whitelisting
    • Installing Lucy
      • On-Premise vs Cloud Installation
      • Architecture
      • Hardware Requirements
      • Network Communication
      • Installing Lucy
      • Post Installation
    • Manage Blacklisted Domains
      • Managing Google SafeBrowsing Alerts
    • Whitelisting a Lucy Server
      • Google Workspace Whitelisting
      • Microsoft O365 Whitelisting
      • File Attack Whitelisting
    • Attack Simulations
      • Attack Types
        • Data Entry Attack
        • Hyperlink Attack
        • File Attack
        • Portable Media
        • Smishing
        • Lures
        • QR Codes
        • Ransomware Emulation
        • Technical Malware Test
          • Malware Toolkit Test Suite
        • Mail & Web Filter Test
        • Email Spoofing Test
      • Attack Template Customization
      • Firewall Protection Interval
      • Email Tracking Technologies
      • Advanced Information Gathering
      • Regular Expressions in Login Fields
      • Copy a Website
      • Redirecting Users
    • Awareness Training
      • Awareness Template Customization
      • Awareness Only Campaigns
        • Using Multiple Awareness Trainings
      • Use extended method of tracking the end of the quiz
    • Reporting Plugin
      • Deploying Office 365
      • Deploying Outlook Native
      • Deploying Gmail
  • Application Screens Reference
    • Statistics Dashboard
    • Campaigns Dashboards
    • Campaigns
      • New Campaign
        • Wizard Mode
          • Selecting an Attack
          • Attack Settings
          • Awareness Settings
          • Recipients
          • Review
        • Expert Mode
      • Campaign Settings
        • Configuration
          • Base Settings
          • Awareness Settings
          • Attack Settings
          • Schedule
            • Schedule Plan
          • Recipients
        • Advanced Settings
          • User Settings
          • Filters
          • Custom Fields
          • Reminders
        • Campaign Checks
        • Logs
        • Results
          • Summary
          • Statistics
          • Reports
          • Exports
    • Templates
      • Attack Templates
      • Awareness Templates
      • File Templates
      • Report Templates
      • Campaign Templates
      • Training Diploma
      • Download templates
      • Variables in Lucy
    • Users
      • Recipient Groups
      • End Users
      • End User Portal Settings
      • Administrative Users
      • Reputation Levels
    • Settings
      • Common System Settings
        • Domains
          • Supported TLDs
        • Firewall
        • Web Proxy
        • Mail Settings
        • SMTP Servers
        • SSL Settings
          • SSL for Campaigns
        • SMS Settings
        • Filter Settings
        • API Whitelist
          • API Routes
        • LDAP Servers
          • LDAP Sync Tool
        • LDAP Settings
        • Azure Applications
        • Azure AD Settings
        • SSO Configuration
      • Advanced System Settings
        • Advanced Settings
        • SSH Password
      • Submitted Email Settings
        • Custom Rules & Score Factors
        • Abuse Reports
        • Incident Autoresponder
        • Plugin Settings
      • Clients
        • Client Invoices
        • Client Invoice Settings
      • Backup and Restore
        • Backup Settings
      • Benchmark Sectors
      • Whitelabeling
      • File Browser
    • Incidents
    • Support
      • Status
        • Status
        • System Monitoring
        • System Health Check
        • Notifications
      • System Tests
        • Test Email
        • Performance Test
        • Spam Test
        • Mail Spoofing Test
        • Mail and Web Filter Test
      • System Logs
      • Manual
      • Update
      • Reboot
      • Mail Manager
      • Terms & Conditions
    • Account Settings
      • Two Factor Authentication
      • License
      • Invoices
    • Notifications
  • Release Notes
    • 5.4
    • 5.3.5
    • 5.3.4
    • 5.3.3
    • 5.3.2
    • 5.3.1
    • 5.3
    • 5.2.1
    • 5.2
    • 5.1
    • 5.0
    • Version 4
      • 4.14
      • 4.13
      • 4.12.1
      • 4.11
      • 4.10.1
      • 4.9.5
      • 4.9.2
      • 4.9.1
  • Legal
    • EULA
    • Privacy Policy
    • DPA, Customer and Partner Info
    • Service Level Agreement
    • Confidentiality of Campaign Data
  • When to Contact Us
    • Contact Technical Support
Powered by GitBook
On this page
  • Domain Verification and Ownership Proof
  • What is next?

Was this helpful?

  1. Guides
  2. Manage Blacklisted Domains

Managing Google SafeBrowsing Alerts

PreviousManage Blacklisted DomainsNextWhitelisting a Lucy Server

Last updated 7 months ago

Was this helpful?

If your domain is blacklisted by Google, it will display a "Deceptive site ahead" warning, adversely affecting your phishing simulation campaigns.

Why did Google SafeBrowsing blacklist my domain?
  1. Spoofed Brands:

    • Domains mimicking well-known brands (e.g., Google, Facebook, Microsoft) can be flagged. Google’s algorithms detect visual and structural similarities to known brands to prevent phishing.

  2. Phishing Indicators:

    • If the domain hosts landing pages that solicit login credentials, personal information, or payment details, it can be flagged as a phishing site. Google analyzes the content for common phishing tactics and deceptive practices.

  3. New or Untrusted Domains:

    • Newly registered domains often lack a reputation. If these domains are used for phishing simulations, they are more likely to be blacklisted. Google evaluates the age and trustworthiness of a domain.

  4. Domain Configuration:

    • The setup of SPF, MX, and A records pointing to the Lucy server is scrutinized. Misconfigurations or anomalies in these records can trigger blacklisting. Google checks for alignment with typical usage patterns and legitimate email configurations.

  5. SSL Certificates:

    • Even with valid SSL certificates, if the domain shows signs of misuse or if the certificates are not from well-known Certificate Authorities, the domain can be flagged. Google inspects the validity and trustworthiness of the SSL certificates.

  6. Malware Distribution:

    • If the domain inadvertently hosts or distributes malware (e.g., through attachments or linked downloads), it will be blacklisted. Google scans for malicious software and scripts.

  7. Deceptive Content:

    • Google looks for content that is intentionally deceptive or misleading, designed to trick users into performing unsafe actions. This includes fake warnings, alerts, and instructions.

  8. Suspicious Behavior Patterns:

    • High volumes of emails sent from the domain, especially those resembling phishing emails, can raise red flags. Google monitors sending patterns and email content for suspicious activities.

  9. User Reports:

    • If users report the domain as suspicious or harmful, Google will take these reports into consideration. High numbers of user complaints can lead to a domain being blacklisted.

  10. Embedded Links and Redirects:

    • Google checks for suspicious links and redirects within the domain. If the site redirects to known malicious or phishing sites, it can be flagged.

What can I do to prevent Blacklisting?

Choose Reputable Domain Providers:

Set Up Proper DNS Records:

  • Ensure your SPF, DKIM, and DMARC records are correctly configured to authenticate your emails.

  • v=spf1 ip4:{your_lucy_ip_address} ~all
  • default._domainkey IN TXT "v=DKIM1; k=rsa; p=<public_key>"
  • Example DMARC record:

    _dmarc IN TXT "v=DMARC1; p=none; rua=mailto:dmarc-reports@yourdomain.com"

Implement HTTPS:

Regularly Update Your DNS Records:

  • Keep your DNS records up-to-date and ensure there are no misconfigurations.

Content and Email Practices:

Avoid Exact Brand Imitation:

  • Do not exactly replicate the appearance of Google, Facebook, or Microsoft emails and pages. Add slight variations to avoid detection by algorithms.

Use Clear Disclaimers:

  • Include disclaimers in your emails and landing pages stating that they are part of a security awareness program.

Limit Email Volume:

Monitor Email Content:

  • Ensure your emails do not contain elements commonly associated with spam or phishing, such as excessive links or suspicious attachments.

Test Content with Spam Checkers:

  • Use tools like Mail-Tester or Litmus to test your emails for spammy elements before sending them out.

Domain Management and Monitoring:

Warm-Up Your Domain:

Monitor Domain Health:

Engage in Regular Clean-Up:

Utilize Subdomains:

  • Consider using subdomains specifically for simulations to isolate potential issues from your main domain.

Google Safe Browsing and User Reports:

Regularly Check for Blacklisting:

  • Periodically check your domains using tools like Google Safe Browsing to ensure they are not blacklisted.

Promptly Address User Reports:

  • Respond quickly to any user reports of suspicious activity related to your domains.

Verify and Whitelist Your Domain:

  • Verify your domain ownership with Google Search Console and request reviews if blacklisting occurs.

Legal and Ethical Considerations:

Stay Within Legal Boundaries:

  • Ensure your simulations comply with local laws and regulations regarding email communications and data privacy.

Communicate with Stakeholders:

  • Inform relevant stakeholders within your organization about the phishing simulations to avoid misunderstandings and false reports to Google.


Domain Verification and Ownership Proof

Verify Domain Ownership:

  • Enter the URL of the property you want to verify and click "Continue".

Domain Name Provider Verification:

  • Choose your domain provider from the dropdown menu or select "Any DNS provider" for the TXT record method.

  • Sign in to your domain name provider and add a TXT record as instructed.

In this example, we will add the Google provided TXT record to my domains DNS panel in GoDaddy. This procedure should be similar for all Domain registration panels.

  • Go back to Google Search Console and click Verify

Sometimes DNS changes can take a while to appear. Please wait a few hours, then reopen your property in Search Console. If verification fails again, try adding a different DNS TXT record.


What is next?

After verifying domain ownership, Google may take 48 to 72 hours to whitelist it. Updates and notifications will be sent to the registered email in Google Search Console.

Register your domains with well-known and reputable domain providers. This helps establish initial trust. You can use the built-in for registration with GoDaddy.

See our platform reference article on

Use SSL/TLS certificates from reputable Certificate Authorities (CAs) to secure your domains. Use the built-in for your domains.

Send your phishing simulation emails in small batches to avoid triggering spam filters. Use the built-in to achieve this.

Gradually increase your email sending volume to establish a good sending reputation. Use the built-in to achieve this.

Use tools like to monitor your domain’s health and address any issues promptly.

Periodically review and clean your email lists to ensure you are sending to valid addresses. Use to automatically keep your users up to date with your organization's directory.

Go to and click "Add property now".

Let's Encrypt certificate generator
Scheduler
Scheduler
Google Search Console
Google Search Console Security Issues
Domain wizard
Example SPF record:
DNS records
Lucy's built-in automation
Example DKIM record: