Early morning I got the following text message on my phone. I had not tried logging in to Coinbase so was surprised to see this message.

Luckily, I didn’t kick on the link. Instead I opened a browser window and manually typed coinbase.com and navigated to it. And I tried signing in and didn’t notice anything off.
So then I went back to the text message. Copied the link, and thenpasted it into the browser. Only then I realized that the ‘a’ in the URL was actualy an ‘ạ’ !

And once it loaded it redirected to a different URL which also had a HTTPS certificate, but by then it was very obvious that this was not legit at all.
Be careful out there! Here are some tips on how to protect from phishing.