I keep asking myself why they don't start using a more traditional domain in order to avoid these types of errors on the user's side.
For example, this one is still free: exch.services
It still won't stop users from falling for those phishing sites as long as scammers keep creating them. A good example is that list of crypto mixer phishing and scam sites. Very many vicitms got caught up even with the phishing sites of more traditional domains.
The Good news is that Cloudfare now displays a warning about the site