Threat: Phishing & impersonation

Fake Canva Pro / Canva Teams subscription billing or account suspended phishing: a fraudulent email impersonating Canva claims that the recipient's Canva Pro or Canva Teams subscription payment has failed, that their account has been suspended, or that their subscription is expiring with designs and Brand Kit at risk, and directs them to sign in, update billing, or verify their account. This is distinct from the design-file-share lure. Canva has 135M+ registered users and 15M+ paying Pro/Teams subscribers, making it a high-volume impersonation target.

fake-canva-pro-subscription-billing-phish

What this tier means

High-confidence threat indicator — phishing, impersonation, BEC, or scam pattern. Strong contributor to the trash decision.

How Gorganizer detects this

This signal matches phishing emails impersonating Canva that claim the recipient's Canva Pro or Canva Teams subscription payment has failed, their account has been suspended for unusual activity, or their subscription is expiring, with a threatened loss of designs and Brand Kit, and that direct them to sign in, update billing, or verify their account.

Key facts:

(1) Canva has 135M+ registered users globally (2025 update) and 15M+ paying Canva Pro or Canva Teams subscribers. This makes it one of the most widely used design tools in the world and an attractive impersonation target for subscription-billing phishing campaigns. This signal is distinct from the existing fake-figma-canva-design-file-share-phish signal, which targets a "someone shared a design with you" notification lure; this signal targets the subscription billing and account suspension lure.

(2) Canva Pro and Canva Teams subscriptions are deeply integrated into business workflows: Brand Kits store logos, fonts, and color palettes; team template libraries contain all marketing assets; Magic Resize and background removal tools are used daily for social media and content creation. Losing access mid-campaign or mid-project causes immediate business disruption, which creates strong urgency to click without verification.

(3) Small businesses and marketing teams that rely on Canva Teams (team collaboration, unlimited storage, Brand Kit sharing) are particularly vulnerable because losing access affects the entire team simultaneously, increasing pressure from colleagues and management to resolve the issue immediately.

(4) The "your designs may be permanently deleted" variant is a high-anxiety escalation tactic. Design files represent years of accumulated brand assets, so the threat causes even security-aware users to act before verifying the sender.

Warning signs: sender domain not canva.com; no reference to specific plan type, team name, or next billing date; link to a non-Canva domain; urgency about permanent deletion of designs.
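The warning signs listed above, as an added Python example (not Gorganizer's own code): it checks a single-part plain-text message for the four indicators and returns them as a set of contributing signals rather than a verdict. The regex phrase lists, the indicator names and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

BRAND = "canva.com"  # the legitimate sender/link domain named on the page
# Constructed phrase lists (assumptions), one per lure or warning sign described above.
LURE = re.compile(r"payment (has )?failed|account (has been )?suspended|subscription is expiring", re.I)
DELETION = re.compile(r"permanently deleted", re.I)
SPECIFICS = re.compile(r"next billing date", re.I)  # rough proxy for account-specific detail
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def on_brand(host):
    """True for canva.com or a true subdomain, not canva.com.evil.example."""
    host = (host or "").lower().rstrip(".")
    return host == BRAND or host.endswith("." + BRAND)

def canva_billing_indicators(raw):
    """Return the set of warning signs present in a single-part plain-text message."""
    msg = message_from_string(raw)
    text = f"{msg.get('Subject', '')}\n{msg.get_payload()}"
    hits = set()
    if "canva" not in text.lower() or not LURE.search(text):
        return hits  # not a Canva billing or suspension message
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if not on_brand(sender_domain):
        hits.add("sender_domain_not_canva")
    if any(not on_brand(urlparse(u).hostname) for u in URL.findall(text)):
        hits.add("link_to_non_canva_domain")
    if DELETION.search(text):
        hits.add("deletion_urgency")
    if not SPECIFICS.search(text):
        hits.add("no_account_specifics")
    return hits

# Constructed sample messages (not real mail).
PHISH = """From: Canva Billing <billing@canva-accounts.example>
Subject: Your Canva Pro payment failed

Your account has been suspended and your designs may be permanently deleted.
Update billing now: https://canva.com.billing-update.example/login
"""
LEGIT = """From: Canva <no-reply@canva.com>
Subject: Canva Pro payment failed

Your Canva Pro payment failed. Next billing date: 2025-01-01.
Manage your plan at https://www.canva.com/
"""
if __name__ == "__main__":
    print(sorted(canva_billing_indicators(PHISH)), sorted(canva_billing_indicators(LEGIT)))
```

The From header is sender-supplied, so an on-brand domain in this check does not establish authenticity; SPF, DKIM and DMARC results are a separate check.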

False-positive guard

Every signal in Gorganizer feeds a multi-module score — never a sole verdict. This is a threat-tier signal — it adds a strong contribution to the trash score. The full pipeline still requires convergence across multiple modules + a margin over the safety floor before deletion happens, and Gmail's trash (30-day recovery) is always used — never permanent delete.

About the scoring engine

Gorganizer's scoring engine emits over 1,800 signals across six modules — headers, sender, subject, body, attachments, and structural metadata. Every email is scored by every module independently; the final verdict requires multiple modules to agree and the trash score to beat the safety floor by a margin.

Sacred safety guards — never delete starred emails, replies, calendar invites, receipts/invoices, or attachments — apply unconditionally regardless of any signal.
