On February 21st, we were made aware that a massive phishing attack was underway, that was designed to steal your login and credit card information. This attack takes the form of a fradulent email sent to our customers from a gandi.net email address, that has the subject “Vous avez une dette de 5.00 €”.
This mail contains a link that sends unsuspecting users to a page where they log in and proceed to payment. If you have received this email, do not click on the link within it.
If you have ignored and deleted this email, you have nothing more to do.
If you unfortunately went to the page linked in the email, you should consider that your password has been stolen and in now in the hands of whoever launched this attack. We strongly urge you to log into your Gandi account by going directly to https://www.gandi.net in your browser and change your password as soon as possible.
If you made any payment on the site linked to in this attack’s email, we also strongly urge you to contact your bank without delay, who will be able to give you more information on how to proceed with mitigating the impact this incident may have on your bank account.
[UPDATE 20 March] This campaign is still ongoing, with an even more accurate wording. Please make sure you don’t click on any link on emails, even it they seem to be sent by Gandi, and get directly to your customer dashboard using http://www.gandi.net to check if you have an invoice waiting for paiement !