Fake LaunchDarkly / Split.io feature flag management subscription payment failed, feature flags and kill switches suspended, feature rollouts disabled, or A/B tests no longer active phishing

Phishing emails impersonating LaunchDarkly or Split.io claiming the feature flag management subscription payment has failed, feature flags are suspended, kill switches are disabled, feature rollouts are no longer active, or A/B tests have been temporarily suspended — directing them to update billing or restore access through a credential-harvesting portal. A distinct attack category targeting feature flag management platforms that serve as the infrastructure control plane for every production software deployment — suspension simultaneously disables the ability to turn off broken features, roll back bad deployments, or safely control feature exposure in production. Key facts: (1) LaunchDarkly serves 5,000+ enterprise customers ($20,000-$200,000+/year) including Atlassian, IBM, and NBC Universal as the dominant feature flag and feature management platform — LaunchDarkly is embedded at the infrastructure level of software delivery: every feature deployment uses flags for gradual rollout, every new feature has a kill switch for instant rollback, and production incidents are mitigated by toggling a flag; a LaunchDarkly subscription suspension that disables flag evaluation means every active flag evaluation returns its default value — gradual rollouts stop, kill switches cannot be activated, and the engineering team loses the ability to instantly turn off a broken feature in production without a full code deployment; (2) The 'kill switches suspended' hook is the highest-urgency vector in this category: production incidents at scale companies are mitigated by kill switches — a broken feature causing 500 errors/minute is resolved by toggling a LaunchDarkly kill switch; if kill switch evaluation is suspended and a production incident occurs, the engineering team's primary incident response tool is unavailable, requiring a full code deployment to mitigate what would otherwise be a 30-second flag toggle; (3) Split.io serves 1,000+ engineering teams ($15,000-$100,000+/year) with particular strength in data-driven product teams that combine feature flags with A/B experiment analytics — Split's unique differentiator is native A/B test measurement on feature flag treatments; Split suspension stops both the feature delivery and the statistical measurement of which treatment performs better; teams running multi-variant experiments lose both the experiment configuration and the accumulated statistical data; (4) The 'feature rollouts disabled' hook targets a specific deployment workflow: progressive delivery (rolling out a feature to 1% → 10% → 50% → 100% of users) requires the feature flag platform to function continuously throughout the rollout window; if rollout progression is disabled mid-release, the team cannot advance the rollout percentage, cannot monitor rollout health metrics, and cannot roll back if metrics degrade; (5) LaunchDarkly and Split credentials expose the complete feature delivery architecture: every active feature flag revealing which features are in development or being tested before public launch, the rollout percentage rules showing the production deployment strategy for every team, the user targeting rules revealing which customer segments receive early access to unreleased features, and the experiment configuration revealing which product bets the engineering team is testing. Warning signs: sender not launchdarkly.com or split.io; genuine LaunchDarkly billing at app.launchdarkly.com/settings/billing; Split billing at app.split.io/org-settings/billing.