8086k meme cpu gang rise up!

That doesn’t always work because you can get really creative with unicode characters in domains that look almost exactly like the real domain [1]. Not to mention the growing common practice of companies using a different domain for their email sending. Not to mention that sometimes humans just make mistakes? Long story short - your super confident I know everything approach is going to get you burned and you should try to build in actual solutions like domain verification instead of relying on your “huge brain.”

[1] https://www.thesslstore.com/blog/unicode-domain-phishing/

Use a password manager that verifies domains before filling in details to help thwart these types of attempts. Adding a hardware 2fa device like a yubikey will go even further.