Verify if a Domain for Web Browsing is Blacklisted
To check whether a domain is blacklisted, you must manually type it into a web browser and press Enter.
If the domain is NOT blacklisted, the following page will be displayed — for example, for the domain inicioseguro[.]com.
If the domain IS blacklisted, it will be displayed as follows:
Domains used for simulations may be temporarily blacklisted due to the nature of our phishing simulations. Since these domains are used in campaigns that replicate real threats for educational purposes, some security tools identify them as potentially malicious.
At SMARTFENSE, we actively work to minimize these false positives by managing reclassification requests with leading security and web filtering providers. However, the response varies depending on the specific tool or security solution: some allow educational categorization, while others enforce stricter restrictions.
If a domain is blacklisted while a simulation campaign is active:
What are the consequences?
Users who click on the phishing trap link in question may see a red warning in their browser indicating that the site they are trying to access is dangerous.
Why does this happen?
Possible causes include:
Automatic detection of phishing content by the email client or due to external factors.
Detection based on reports submitted by users who received the phishing email.
How to proceed?
In these cases, we recommend stopping the campaign in question to avoid biasing the collected statistics. You can do this yourself using the Stop Campaign button in the campaign’s detail view.
Alternatively, you may choose to keep the campaign running so it continues collecting statistics on email opens and link clicks only.
How to prevent this from happening again?
There is no direct way to completely avoid this, but there are some guidelines to keep in mind:
The more closely a phishing email resembles the original in terms of wording and graphic content, the higher the likelihood of it being automatically detected.
Phishing emails related to internal organizational matters tend to be the most effective while also having the lowest probability of being automatically detected.
Does this situation invalidate the usefulness of the campaign?
Since this is a scenario that may occur within your organization, these cases actually demonstrate an empirical situation. They can be leveraged to understand how many users may have fallen for the phishing attempt before it was blocked by a technological solution.
Remember that when scheduling a new campaign, you can use the “More Options” button. While scheduling, you may customize the phishing URL and select a specific domain from the list of available options.
Additionally, once we detect that a domain has been blacklisted, SMARTFENSE automatically removes it so that it cannot be selected or randomly used in future campaigns.