"Final Warning: Account Termination Notice" Phish

 

LSU Personnel started receiving a phishing e-mail on February 3rd, 2017 related to Account Termination Notice.

Subject of the Phishing e-mail - Final Warning: Account Termination Notice

Sender Name - Microsoft Support Team

Sender e-mail address - External from LSU 

NOTE: ALWAYS verify the sender e-mail address.

Content of the phishing email

The content of the message states the following (Links and other descriptors have been removed for security purposes):

Dear <username@lsu.edu>

From our server, it is shown that you are yet to update your E-mail account(username@lsu.edu) to our new server which is more secure.

Kindly note that all unverified and outdated E-mail account will loose their account if not verified and updated within 24hours.

Kindly follow the link below to verify and update your E-mail Account(username@lsu.edu).

VERIFY AND UPDATE MY ACCOUNT NOW

Note: This service is free and once update is complete, your E-mail account will work effectively.

DO NOT IGNORE. THIS IS THE FINAL NOTICE.

Thank you

Microsoft Mail Team

Screenshot of the phishing site

The e-mail contains a link that directs the users to a malicious website that looks similar to a Office365 site. Please see the site below:

Screenshot of the phishing site

However, if attention is paid to the URL, the URL does not belong to Microsoft or LSU.

zoom in to the URL in the screenshot

NOTE: If you have provided your account information through this phishing message, please change your LSUMail password immediately.