I signed up for Coinbase and within only several hours, I have received 2 separate phishing emails. What's more is these emails were specifically tailored to resemble being from my email account provider.

How would scammers get my email that I signed up with so quickly? I would say either the https on their site is compromised, their server/db are compromised, or there is an inside job going on.

Note to the n00bs: Don't be a fool, the second you setup an account for anything, always enable 2FA as the very first thing you do. YubiKey or any other physical key is a great option. Remember, if hackers compromise your Apple, Google, or Microsoft account, they can restore the cloud backup of your device to a burner device they have, and thus have access to your 2FA app for the codes. We also have been seeing for months now that hackers are getting away with porting your cell phone # which makes the SMS verification code as 2FA totally worthless.

The moment my BTC purchase funds/clears, I'll be removing my connected bank account and sending it all to an offline wallet where I have physical control over the private key.

Something doesn't feel right in Coinbase land.....