Maybe it would be better to send a link. Then it can't be sent to the wrong domain.
Of course you need to then educate people that they shouldn't trust the domain they land one and always immediately close the tab. Even if that tab says "Warning you have a fraud alert on your account. Click here to check your recent transactions"
The link may look similar or even appear identical, and still be under control of the scammer.
Similar to just not trusting incoming phone calls, you can't really trust incoming links via standard email, without some definitive way of validating the sender.
Of course you need to then educate people that they shouldn't trust the domain they land one and always immediately close the tab. Even if that tab says "Warning you have a fraud alert on your account. Click here to check your recent transactions"