I keep asking myself why they don't start using a more traditional domain in order to avoid these types of errors on the user's side.
For example, this one is still free: exch.services
Even sites with a very traditional .com domain have loads of phishing duplicates. And changing URL now makes it only worse.