Phishing simulations enable organizations to identify the most vulnerable areas within their organization to phishing threats. Typically, this involves registering a domain name and setting up a website that mimics the organization's brand. However, a challenge arises when such domain names or websites are detected by anti-phishing engines. This detection can have adverse consequences for the registrars and Top-Level Domain (TLD) registries associated with the registered domain names, impacting their reputation negatively.
To address this issue, the Phishing Simulation Whitelist (PSW) has been established as a community service. It allows verified parties to submit and whitelist domain names intended for use in phishing simulations or awareness campaigns within a specified validity period. The list of whitelisted domain names will be accessible to verified industry partners, including blocklist providers, and will be incorporated into DNSAI Compass reports. This ensures that these domains are excluded from analysis, safeguarding the reputation of intermediaries involved in domain registration and hosting.
There are two possible ways to submit domain names to the whitelist: 1) using the API endpoint (described at the end of the page) or, 2) Using the provided online form. Both options need access token which is provided to verified partners by contacting us.
The whitelist is published here every day (receives daily updates) in .CSV format.
You can use the following API endpoint to submit data automatically to our system. Here, we descript the parameters of the API.
API endpoint (POST): https://psw.korlabs.io/add_domain
Here is the list of parameters
| # | Name | Type | Required? | Description |
|---|---|---|---|---|
| 1 | domain | String | Required | Registerd domain name (e.g., paypal-support.fr) for phishing simulation |
| 2 | exp_date | String | Required | Domain expiration date or end of phishing simulation. Value must be in a form of YYYY-MM-DD |
| 3 | token | String | Required | Provided token. Contact us if need one |
The return value of the API is a JSON-encoded data of the following format:
{
"success": true/false,
"msg": "successful"/"Description of the error",
"code": 200 / 400 / 500
} # example in Python 3.x
import requests
import json
token = "THE-TOKEN-YOU-RECEIVED"
params = {"token": token, "domain": "example.org", "exp_date": "2023-05-10"}
r = requests.get("https://psw.korlabs.io/add_domain", params=params)
print(json.loads(r.text))
Please Contact us if you have any problems regarding the API.