But you can't fake the url.
Discussion
Yeah you'd type www.google.com and there malicious DNS would redirect to their clone
When the portal opens it automatically goes to their url so you just copy it. When you paste you would see https://phishylink.stinks