Time: April 20, 2018 15:00:00 (CEST)
Dear Leaseweb customer,

We are writing to notify you that customers of Leaseweb are receiving phishing emails containing malicious payment requests and these spam messages should be ignored. Below is an example of the email that is being sent by the attackers in Leaseweb’s name.

The sender of these emails says that the customer is in breach of his/her payment obligations and that immediate payment is required. The message includes a typo “48 heurs” and redirection of https://secure.leaseweb.com/finance/index to a mybigcommerce[.]com site.

Please be aware that this mail was NOT sent by Leaseweb or any of our subsidiaries. If you have any further questions, don’t hesitate to contact us through the Leaseweb customer portal or send an e-mail to [email protected]

— Example of Phishing email —

“ Dear customer,
LeaseWeb has still not received full payment for the outstanding
amount of 9,95 EUR despite several reminders. You are therefore in
breach of your payment obligation towards LeaseWeb. LeaseWeb will
suspend all services to you with immediate effect.

To reactivate your account and services, full payment should reach
LeaseWeb within 48 heurs from today. After this period LeaseWeb will
terminate all agreements with you and all your data will be deleted.
LeaseWeb will not be able to recover any data after this process has
been completed. LeaseWeb may also, without further warning, proceed to
unregister all domain names that you registered through LeaseWeb.
After termination, LeaseWeb will exercise whatever rights and remedies
it has to recover the outstanding amount and the deactivation charge,
together with any interest and legal expenses.

Please visit the LeaseWeb Customer Portal to pay the outstanding amount :

If you have any questions, please send us an email to
[email protected], or call us at +31 (0) 20 3162880.

Sincerely,

LeaseWeb”