_Any_ other domain, and I'm just going to ignore it. A legitimate *.ac.uk domain, and there's a good chance I will click it to find out what it is, even if I don't believe it. At that point, they've won (it's a 0-day).
Using a recognisable domain lets my guard down just enough ("there's no risk in going to a cam.ac.uk domain") for an attack like this to work.
Using a recognisable domain lets my guard down just enough ("there's no risk in going to a cam.ac.uk domain") for an attack like this to work.