"WARNING! Account Owner" Phish


LSU Personnel started receiving a phishing e-mail on February 25th, 2017 related to suspended e-mail and account verification. The e-mail had two different subject lines, but the content was the same.

Subjects of the Phishing e-mail - WARNING! Account Owner, Warning!! LSU Mail Account User

Sender Name - Internal LSU Users

Sender e-mail address - Internal E-mail Addresses* (Multiple Users)

*Internal accounts can be compromised and used by malicious actors to send phishing e-mails, in order to appear more authentic.

Content of the phishing email

The content of the message states the following (Links and other descriptors have been removed for security purposes):

Your  account has been temporally suspended, and this means that you will not be able to send and receive new email messages. This is because of the on-going yearly web maintenance and deleting of inactive LSU accounts. You are then requested to verify your account here for upgrading.

To verify your mailbox, kindly visit our Accounts Verification Form CLICK HERE and fill out the account Verification  form to verify  your powered account

WARNING! Account owner, that refuses to update his/her Webmail account after TWO (2) days of receipt of the notification of this update, his/her Webmail account will be excluded permanently from our Database we will not be responsible for the loss of your account.

Copyright ©2016 - Network Webmaster. All Rights Reserved
Security Alert Office.
Thanks for your anticipated co-operation,
Upgrade Team.

Screenshot of the phishing site

The URL provided in the e-mail does not belong to LSU and directs the user to a third-party site. The third party site looks similar to below:

Screenshot of the phishing site

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you to verify your account or unblock your account in such a fashion.