"Email Account Closure" Phish

 

LSU Personnel started receiving phishing e-mails on March 6th, 2017 related to the updating Office365 account.

Subject of the Phishing e-mail - Email Account Closure

Sender Name - Microsoft team

Sender e-mail address - External e-mail address (@cvcesperanca.onmicrosoft.com)

Note: The sender e-mail address has no relation to the Microsoft Corporation.

Screenshot of the phishing email

The content of the message states the following (Links and other descriptors have been removed for security purposes):

Screenshot of the phishing email

Content of the phishing email

Dear Office365 User,
 
 Your account is not updated and will be shutdown within the next 24 hours if you fail to update it.


 
 Click here to update your email account now


 
Thank you for your patronage.

Sincerely,


Microsoft office365 Team
Copyright © 2017

Screenshot of the phishing page

The URL provided in the e-mail does not belong to LSU or Microsoft and directs the user to a third-party site. The third party site appears as below and looks very similar to Office365 login page:

Screenshot of the phishing page

 

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.