The exploit involves tricking Outlook for Windows into displaying a fake domain while opening another one. This is achieved by adding a <base> HTML tag with a fake domain and a left-to-right mark (Unicode U+200E). Links within <a> tags will display the fake domain but open the actual domain when clicked on.