[UPDATE 3 October 2018 ] This campaign is still ongoing, with an even more accurate wording. Please make sure you don’t click on any link on emails, even it they seem to be sent by Gandi, and get directly to your customer dashboard using https://www.gandi.net to check if you have an invoice waiting for payment !

We were made aware that a massive phishing attack was underway, that was designed to steal your login and credit card information. This attack takes the form of a fradulent email sent to our customers from a gandi.net email address, that has the subject “Vous avez une dette de 5.00 €”.

This mail contains a link that sends unsuspecting users to a page where they log in and proceed to payment. If you have received this email, do not click on the link within it.

If you have already ignored or deleted this email, you do not need to take any further action. You do not need to open a ticket with our Customer care team or forward us the email in question.

If you unfortunately went to the page linked in the email, you should consider that your password has been stolen and in now  in the hands of whoever launched this attack. We strongly urge you to log into your Gandi account by going directly to https://www.gandi.net in your browser and change your password as soon as possible.

If you made any payment on the site linked to in this attack’s email, we also strongly urge you to contact your bank without delay, who will be able to give you more information on how to proceed with mitigating the impact this incident may have on your bank account.

Learn more about phishing on Wikipedia.