The last phishing wave, three clone domains hit through late February, tried a new trick. Instead of leaving a stale onion baked into the login captcha, they served a captcha with the fake onion painted in. Match the URL bar, match the captcha, hope the reader does not check further.
It did not work because the check that matters is not just internal consistency between URL bar and captcha. The check is against the last signed rotation. Readers who verify the rotation once and bookmark the address get a third data point that no phishing clone can produce.
Three notes: 1) most people do this without thinking, and that habit is what stops the attack. 2) the operators clearly know the trick now, so the next iteration will probably shift to spoofing the signed rotation itself, which is why key verification stays the harder anchor. 3) the wave burned three clone domains inside a week, which suggests the phishing pool is under pressure. Good.