"NOREPLY@LSU.EDU" Phish

 

LSU Personnel started receiving a phishing e-mail on February 15th, 2017 related to e-mail account suspension. 

Subject of the Phishing e-mail - NOREPLY@LSU.EDU

NOTE: The same email content has been sent with different subject lines as well, such as UPGRADE, SUSPENDED, etc.

Sender Name - Internal LSU User

Sender e-mail address - Internal LSU Address*

*Internal accounts can be compromised and used by malicious actors to send phishing e-mails, in order to appear more authentic.

The content of the message states the following (Links and other descriptors have been removed for security purposes):

Your account has been temporally suspended, and this means that you will not be able to send and receive new email messages. This is because of the on-going yearly maintenance and deleting of inactive accounts. You are then requested to verify your account here for upgrading.

Click Or Open this link to VERIFY your Account:  http: CLICK HERE


Copyright ©2017 LSU - Network Webmaster. All Rights Reserved
Security Alert Office.

The URL provided in the e-mail does not belong to LSU and directs the user to a third-party site. The third party site, looks like below:

PhishingItem02152017-2

NOTE: ALWAYS verify the URL provided in the e-mail and please note that LSU will not ask you to verify your accounts in such a fashion.