[poincaredisk]

What it you get an email from [yourbank].bank? Or if your mother got one?

It's never a single signal, and the more legitimate a domain looks, the bigger a chance is that someone fells victim to a scam.

[dc396]

Bad example. The requirements to register in .bank are quite rigorous (see https://register.bank/eligibility/). Phishers typically go for TLDs that impose far fewer requirements on their registrars.