We noticed that many of our clients’ phishing training emails are frequently coming from a certain domain, notificationservices.org, which makes the simulations a bit predictable over time (this was actually reported by one of our learners as a feedback).

It would be great if you could either shuffle/randomize the domains more or give us an option to exclude certain domains from the pool.