A regular phishing attack is for an attacker to register a domain similar to your domain to trick customers/partners/employees into thinking its your domain so you enter credentials and information that the attacker can use against you

Energy companies are a classic example of this attack. They target existing customers to re-enter in their billing details ( credit card information)

A look at npower.com shows all the list of targeted domains

You can run the report for you domain here: https://dnstwister.report