"Unusual Login Attempt" Phish


LSU Personnel started receiving phishing e-mails on January 8th, 2018, related to mailbox upgrade and account verification

Subjects of the Phishing e-mail - "Unusual Login Attempt" and " "(No Subject)

Sender Name - Internal to LSU*

Sender e-mail address - Internal to LSU*

*Internal accounts can be compromised and used by malicious actors to send phishing e-mails, in order to appear more authentic.

Screenshot of the message

Screenshot of phishing message

Content of the message

Your email will be shut down due to several negligence of emails regarding mailbox upgrade. To avoid this please click Here and verify your mailbox

Screenshot of the phishing page

The URL provided in the e-mail does not belong to LSU, and directs the user to a third-party site. The third party site appears as below:

Screenshot of the phishing site

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.