Fake Snowflake / Databricks / Fivetran data warehouse or data engineering subscription payment failed, queries and pipelines suspended, or BI dashboards offline phishing — fraudulent email impersonating Snowflake, Databricks, or Fivetran claiming the account is suspended, data warehouse queries and engineering pipelines are offline, or data connectors stopped syncing — Snowflake: 9K+ customers; Databricks: 10K+ customers; data platform suspension blinds analytics and data science teams mid-sprint, freezes BI dashboards feeding executive decisions, and halts data pipelines feeding downstream applications

Phishing emails impersonating Snowflake, Databricks, or Fivetran claiming the data platform subscription payment has failed, data warehouse queries and engineering pipelines are suspended, or data connectors have stopped syncing — directing them to update billing or restore data platform access through a credential-harvesting portal. Key facts: (1) Data warehouse suspension blinds every analytics and business intelligence consumer simultaneously: Snowflake serves 9,000+ customers including thousands of enterprises running their entire analytical infrastructure on Snowflake's cloud data platform; when a Snowflake account is suspended, all SQL queries return errors, BI tools (Tableau, Looker, Mode, Power BI) connected via Snowflake lose their data source, and automated data pipelines that feed business reports stop producing results; executive dashboards showing revenue, churn, and operational metrics go dark at the same moment the data engineering team loses the ability to run transformations; (2) Snowflake's consumption-based pricing creates unique billing anxiety: unlike flat subscription SaaS, Snowflake charges on credits consumed — organizations running large-scale data workloads can generate unexpected bills in the thousands of dollars from a single resource-intensive query or runaway pipeline; 'unexpected charges detected on your Snowflake account' combines billing-dispute urgency with the genuine fear of cloud cost overruns that data teams regularly experience; (3) Databricks' machine learning and data engineering integration creates cross-functional impact: Databricks serves 10,000+ customers ($0.07-1.25/DBU) providing unified data engineering, data science, and ML training on a single Lakehouse platform; a Databricks billing suspension halts data transformation notebooks, ML model training jobs, feature store updates, and MLflow experiment tracking simultaneously — data engineering and data science teams lose their primary working environment; for companies with production ML models that require regular retraining, a Databricks suspension means model drift goes unaddressed; (4) Fivetran's data pipeline role creates cascading downstream failures: Fivetran ($0-$500+/month) synchronizes data from 300+ source connectors into data warehouses — when Fivetran billing lapses, all connectors stop syncing, and the data in Snowflake or BigQuery becomes stale immediately; analytics teams relying on fresh data for daily reporting receive reports built on days-old information without any indication the pipeline stopped; (5) Data platform credentials give attackers access to all analytical data, business intelligence query results, ML model training data, and potentially entire customer behavioral datasets stored in the warehouse. Warning signs: sender not snowflake.com, databricks.com, or fivetran.com; Snowflake billing is managed in the Snowflake console, never via email link.