Damn same thing happened to me and I'm a pretty pro user at this. Did you ever get your coin?
I used the .com and the session ID works. If they give me some "phishing URL" excuse, that's gonna be it for me with them I think and I would warn all other people.
Like I said, that user admited himself that he used a phishing website, and it was not even related to CM at all. There was no "excuse".
I had searche doin google and it was the first proposition i did not make a good search, I regret, but next time I will comme here before
Good nightt
Wait for their reply. If you are not satisfied with their answer, you can start a new discussion about what happened if that's what you wish.