Appreciate the update, @mbertino. This is being fully owned by our Trust team at this point, but we're generally taking two approaches to minimizing any future risk/impact:
- proactive detection of phishing attempts
- sensitive monitoring of domain reputation
The former is a longer term project that we're thinking through, but the latter is already in place. On top of that, we now have open lines of communication with the relevant parties that should speed things up considerably if anything similar ever happens again.