Fake Atlassian Jira / Confluence project management subscription payment failed, licenses no longer active, team wiki access suspended, or project management access disabled phishing

Phishing emails impersonating Atlassian, Jira Software, or Confluence claiming the project management subscription payment has failed, licenses are no longer active, team wiki access is suspended, or project management access is disabled — directing victims to update billing through a credential-harvesting portal. A distinct attack category targeting the project management and documentation layer used by virtually every software development team: Atlassian Jira Software is the world's dominant issue tracker and agile project management platform, and Confluence is the industry-standard team wiki and documentation platform. Key facts: (1) Atlassian serves 300,000+ paying customers with Jira Software ($8.15/user/month Standard, $16/user/month Premium), Jira Service Management ($20-$50/user/month), and Confluence ($5.75/user/month Standard, $11/user/month Premium) — Atlassian products are embedded in virtually every software team's workflow; a 'Jira Software licenses no longer active' email is credible to any engineering team member because Atlassian genuinely manages license counts and regularly sends license renewal reminders for Data Center deployments; (2) The project management suspension hook creates a unique combination of operational and team-visibility risk: Jira suspension means all active sprints, open tickets, and in-progress work items are inaccessible — the entire engineering team loses visibility into the current sprint state; Confluence suspension means all technical documentation, runbooks, architecture decision records (ADRs), and onboarding guides become inaccessible simultaneously; (3) Atlassian's Jira Service Management position as the IT help desk creates additional urgency: organizations using Jira Service Management for IT support lose the ability to receive and route internal support tickets — employees filing IT requests receive no acknowledgment; (4) Atlassian credentials expose the complete product development history and team structure: all sprint histories and velocity data, every issue transition revealing the development process, all Confluence pages including internal architecture documentation and roadmaps, and Atlassian Connect app OAuth tokens for Slack, GitHub, PagerDuty, and Bitbucket integrations. Warning signs: sender not atlassian.com or jira.com; genuine Atlassian billing at admin.atlassian.com/billing.