Section 5.3 Finney Attack
It is also worth noting that on more than one occasion the double-spend attempt was detected
by the website blockchain.info[202]. As such any service actively checking the website for
such activity would be able to detect the malicious activity attempt.
I think you described a regular double spend attack, where is Finney attack involves pre-mined block, and it is not detectable.
Suppose the attacker is generating blocks occasionally. in each block he generates, he includes a transfer from address A to address B, both of which he controls.
To cheat you, when he generates a block, he doesn't broadcast it. Instead, he runs down to your store and makes a payment to your address C with his address A. You wait a few seconds, don't hear anything, and transfer the goods. He broadcasts his block now, and his transaction will take precedence over yours.