What if a legitimate company sent out phishing emails themselves that looked real but were a different domain or something, then when customers clicked it it told them that that
