Re: "block access to any domain less than a month old"
One potential pitfall springs instantly to mind - in a month's time, when all those dodgy websites suddenly become visible to users, will they remember that they were supposed to be watching out for fake websites? Or will they simply assume "Well I can see it (now) so it must be okay"?
Obviously not a problem for people who only look after their own systems, but for anyone working in a large organisation this will be real problem. I find it amazing/astounding/annoying that so many people - including those who work for IT companies - can apparently have no freaking idea that there are people like these out there and will happily open all sorts of crap and send off their personal info without a second thought.