Bah, I didn't catch that it was a phishing attempt until after I'd logged in with my password. Changed the password immediately.
I didn't notice it was a bad link until it said the page was not available. Then I looked closer at the link and it was a coinbase link with some sort of url redirect:
h ttps://www.coinbase.com/sessions/oauth_signin?client_id=ef7477ce7e238f083b59f8ff58a0974f086fa18fce609ad6499935889f5a763e&redirect_uri=https://coinbasevaultcom.serversicuro.it/&response_type=code
Though I don't think it actually redirected.
------
On 08/11/2014 with the introduction of our new Multisig Vault our User Agreement has changed. Please click the link below to accept our new User Agreement:
Accept Our New User Agreement
In order to continue using our services you need to agree with the new agreement.
Kind regards,
The Coinbase Team
-------
You can't just change your password immediately. You need to remove all 3rd party API access now in coinbase now. This is a huge flaw in coinbase:
http://www.reddit.com/r/Bitcoin/comments/2lt76n/warning_coinbase_oauth_phishing_attack_allows/This is true for most sites that allow API access as all that you need to access the site is the API key associated with your account. It is an overall security risk for any site that you enable API access to when the API can make any kind of financial decisions for you