Especially when many companies run their job application pages through 3rd parties. The phishing page having a different domain isn't suspicious at all. Most of the time when I check the career's page on a company's website, it links to something like "corpname.randomhrsolutions.com".