How a phishing attack for Coinbase almost got me with an ‘ạ’ instead of an ‘a’

Early morning I got the following text message on my phone. I had not tried logging in to Coinbase so was surprised to see this message.

Luckily, I didn’t kick on the link. Instead I opened a browser window and manually typed coinbase.com and navigated to it. And I tried signing in and didn’t notice anything off.

So then I went back to the text message. Copied the link, and thenpasted it into the browser. Only then I realized that the ‘a’ in the URL was actualy an ‘ạ’ !

And once it loaded it redirected to a different URL which also had a HTTPS certificate, but by then it was very obvious that this was not legit at all.

Be careful out there! Here are some tips on how to protect from phishing.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.