Cybercriminals can automatically generate thousands of subdomains to conceal phishing activity.