Phishing sites (hopefully) have a short lifespan before they're detected and taken down. At which point the phisher registers a new domain and starts the process all over again.
Some phishers automate this process using a script which automatically registers new domains. Once you figure out the pattern, you can quickly find every new domain, just based on the name.
This is a companion discussion topic for the original entry at https://phish.report/iok/learn/020-domain-generation