TL;DR: Microsoft offers their own phishing simulation service used by enterprises to see which of their employees need more training on spotting phishing emails.

Some of the fake links they used in such simulations led to unregistered domains, meaning some malicious person could simply register the domain, put whatever content they want on there, and turn the fake phish into a real one.