There are even other TLDs you could play with that most non-tech people would think are legit. For example, auto-nation.co, autonation.inc or autonation.corporation. All of these would cost less than $20. I haven't checked these all for availability, but I suspect at least half the ones on this list are available, and even if they aren't, you can play with different combinations to get something that is available. The purpose is only to fool people at first glance.
While most people on HN might know that internal-autonation.com does not actually mean it's from autonation, I suspect it would still fool a lot of HN readers. Outside of tech workers, I think this technique would fool the vast majority of the population.
You could even buy a domain for something like new-fake-hrm-saas.com and make a fake website for a fake SaaS HRM/Recruiting tool. Then send all emails from that domain. If anyone asks, you can say that initial emails go through that SaaS tool until you have fully onboarded. This is something legit that actually happens in real life early on in the hiring process when they want all hiring correspondence to go through an HRM tool. Again, maybe a tech worker would be cautious of this technique, but most people would be none the wiser. This would allow you to maintain one domain for multiple scams so you could easily burn one if you get exposed. You could even do subdomains with it like autonation.fakehrm.com and salesforce.fakehrm.com and so on for each company you impersonate.
Again, this isn't to give people ideas. But this could be easily done for $20 a year and minimal effort. (The fake hrm saas site could be a template site, all real SaaS sites look the same anyway).
For example, imagine getting an email from recruiting@internal-autonation.com. Again, I know a tech worker who actually is likely to have purchased a domain might know what is happening here, but most Americans would think this is legit.