Usually, I’m 200% careful, but this time – I logged in. Briskly changed my password when I realized what had happened. Contacted support so I can forward the email if need be.

The email looks official; but the landing page the link takes you to (not to mention the url now that I glance at it again) looks fake as all-hell…

Careful, folks!

I have learned to never click the links in the email, and instead go to the website and respond to the PM (if there is one) from my UserCP.

It has become my habit to do this, and should become yours as well.

You’re right — there is a phishing attempt going on. I’m not sure how many people have been affected, however it is severe enough that all Namepros accounts now have a warning about it when they go to their private message page. If everyone followed the advice you gave above, there would probably be a whole lot less phishing attempts because nobody would become a victim of them.