"FW: UPDATE!!" Phish

 

LSU Personnel started receiving phishing e-mails on August 14th, 2017 related to account validation.

Subjects of the Phishing e-mail - FW: UPDATE!!!.

Sender Name - Internal to LSU (multiple users)

Sender e-mail address - Internal to LSU (multiple e-mail addresses)

*Internal accounts can be compromised and used by malicious actors to send phishing e-mails, in order to appear more authentic.

The contents of the messages are (Links and other descriptors have been removed for security purposes):

 Phish Mail

There are two separate URLs in the various e-mails. The URLs provided do not belong to LSU, and direct the users to a third-party site. The third party sites appear as below:

Phish Site

 

Phish Site

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.