People can and will click on anything. As a result, attackers continue to use phishing attacks to gain footholds in organizations. Using DNS reconnaissance techniques, it is possible to identify potentially imminent phishing attacks using typosquatting techniques. In this talk we will discuss how to monitor for these attacks using DNS and demonstrate a new tool to automate this recon to generate alerts of possible attacks.