Maybe I can clarify how these phishes work. A phisher would send emails to a large number of people saying, literally, "I am your email administrator, your account is to be suspended, please send me your username and password".
Any cursory examinationof these letters would make it obvious that they are fake. Most people do not fall for it, but the dumbest ones do fall for it. Once they send these emails, the spammers gain control of those email accounts and can abuse them however they want, including propagating of phishing, spamming, etc. DKIM will not work, as this is purely a social engineering attack. i
