Threat / Phishing & impersonation

Fake Contentsquare / Heap digital experience analytics subscription payment failed, session recordings and heatmaps suspended, data capture tracking disabled, or product analytics access no longer active phishing

fake-contentsquare-heap-digital-experience-analytics-billing-phish

What this tier means

High-confidence threat indicator — phishing, impersonation, BEC, or scam pattern. Strong contributor to the trash decision.

How Gorganizer detects this

Phishing emails impersonating Contentsquare or Heap that claim the digital experience analytics subscription payment has failed, session recordings and heatmaps are suspended, data capture tracking is disabled, or product analytics access is no longer active, and that direct the recipient to update billing or restore access through a credential-harvesting portal. This is a distinct attack category targeting the digital experience and product analytics platforms that product, UX, and growth teams rely on for behavioral data: a suspension simultaneously removes all session replay and heatmap data for every running product analysis and A/B test interpretation effort.

Key facts:

(1) Contentsquare serves 800+ enterprise customers ($50,000-$300,000+/year) including Walmart, LVMH, and Tiffany as the leading enterprise digital experience analytics platform for large-scale e-commerce. Contentsquare captures every click, scroll, hover, and frustration signal (rage click, dead click, error click) across the entire website journey and synthesizes it into heatmaps, session replays, zone-based analysis, and customer journey maps. A Contentsquare subscription suspension halts all behavioral data capture simultaneously across every instrumented page; product teams midway through a redesign analysis lose both the ongoing session captures needed to validate the redesign and the historical session replay library needed to diagnose specific user friction points.

(2) The 'session recordings suspended, heatmaps disabled' hook is particularly concrete for UX and CRO teams: Contentsquare session replay is routinely used to diagnose specific user abandonment moments (e.g., identifying the exact form field where mobile checkout abandonment spikes). A suspension framed as 'your heatmaps and session recordings are no longer active' creates immediate urgency for anyone running an active UX investigation or CRO experiment, because the data collection window is lost and cannot be recovered retroactively.

(3) Heap serves 8,000+ customers ($15,000-$150,000+/year) including Microsoft, Eventbrite, and Twilio as the autocapture product analytics platform. Heap's defining characteristic is retroactive analysis: because Heap auto-captures every user interaction from installation forward, analysts can answer questions about user behavior from historical data without needing to have instrumented specific events in advance. A Heap subscription suspension disables data capture going forward and, critically, may trigger anxiety about whether historical event data will be deleted; the 'retroactive analysis becomes impossible' urgency is unique to Heap compared to traditional event-based analytics tools.

(4) The 'data capture tracking disabled' hook targets growth teams with active funnel experiments: Heap is commonly used to define and track conversion funnels (sign-up to activation, trial to paid, feature adoption paths) that feed product-led growth hypotheses. A suspension that halts event capture means no new funnel data flows into Heap, and the growth team loses visibility into whether product changes are improving or harming conversion during the most sensitive period of a sprint.

(5) Contentsquare and Heap credentials expose the complete user behavioral data architecture: every heatmap and session replay capturing real user authentication flows, payment entry sequences, and sensitive account management interactions; the funnel definitions revealing which conversion sequences the company considers most valuable; the segment definitions identifying high-value user cohorts and their behavioral fingerprints; and the integration connections to Salesforce, Segment, and advertising platforms that use behavioral data for targeting.

Warning signs: the sender domain is not contentsquare.com or heap.io. Genuine Contentsquare billing is at app.contentsquare.com/account/billing; Heap billing is at heapanalytics.com/settings/billing.
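The warning signs above can be checked mechanically. The following is an added example, not Gorganizer's code: the function names, the lure regex, and the two sample messages are constructed for illustration, and it assumes a single-part plain-text message. It treats the three domains named on this page as the only legitimate ones and matches them by exact host or true subdomain, so a lookalike host that merely begins with a brand domain still fails.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Domains this page lists as genuine for the sender and the billing pages.
LEGIT_DOMAINS = ("contentsquare.com", "heap.io", "heapanalytics.com")
BRAND = re.compile(r"\b(contentsquare|heap)\b", re.I)
# Assumed lure phrases, taken from the pattern description on this page.
LURE = re.compile(r"payment (has )?failed|session recordings|heatmaps|"
                  r"data capture|tracking disabled|no longer active|suspended", re.I)
URL = re.compile(r"https?://[^\s\"'<>)]+", re.I)

def in_legit_domain(host):
    """True only for an exact match or a real subdomain, never a substring."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in LEGIT_DOMAINS)

def check(raw):
    """Return findings for one raw message; an empty list means no signal."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2]
    body = msg.get_payload()  # assumption: single-part text body
    text = " ".join([display, msg.get("Subject", ""), body])
    findings = []
    if BRAND.search(text) and LURE.search(text):
        if not in_legit_domain(sender_host):
            findings.append("sender_domain_mismatch:" + sender_host)
        for url in URL.findall(body):
            host = urlsplit(url).hostname
            if not in_legit_domain(host):
                findings.append("offbrand_link:" + str(host))
    return findings

# Constructed samples (reserved .example TLD), not real traffic.
PHISH = ("From: Contentsquare Billing <billing@contentsquare.com.billing-update.example>\n"
         "Subject: Payment failed: session recordings and heatmaps suspended\n\n"
         "Restore access: https://app.contentsquare.com.billing-update.example/account/billing\n")
LEGIT = ("From: Heap <billing@heap.io>\n"
         "Subject: Your Heap payment failed\n\n"
         "Update your card at https://heapanalytics.com/settings/billing\n")

if __name__ == "__main__":
    print(check(PHISH))
    print(check(LEGIT))
```

Because "heap" is also an ordinary English word, the findings are best treated as one input to a combined score rather than a verdict on their own.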

False-positive guard

Every signal in Gorganizer feeds a multi-module score — never a sole verdict. This is a threat-tier signal — it adds a strong contribution to the trash score. The full pipeline still requires convergence across multiple modules + a margin over the safety floor before deletion happens, and Gmail's trash (30-day recovery) is always used — never permanent delete.

About the scoring engine

Gorganizer's scoring engine emits over 1,800 signals across six modules — headers, sender, subject, body, attachments, and structural metadata. Every email is scored by every module independently; the final verdict requires multiple modules to agree and the trash score to beat the safety floor by a margin.

Sacred safety guards — never delete starred emails, replies, calendar invites, receipts/invoices, or attachments — apply unconditionally regardless of any signal.
