"Email Account Closure" Phish
LSU Personnel started receiving phishing e-mails on March 6th, 2017 related to the updating Office365 account.
Subject of the Phishing e-mail - Email Account Closure
Sender Name - Microsoft team
Sender e-mail address - External e-mail address (@cvcesperanca.onmicrosoft.com)
Note: The sender e-mail address has no relation to the Microsoft Corporation.
Screenshot of the phishing email
The content of the message states the following (Links and other descriptors have been removed for security purposes):
Content of the phishing email
Dear Office365 User,
Your account is not updated and will be shutdown within the next 24 hours if you fail to update it.
Click here to update your email account now
Thank you for your patronage.
Microsoft office365 Team
Copyright © 2017
Screenshot of the phishing page
The URL provided in the e-mail does not belong to LSU or Microsoft and directs the user to a third-party site. The third party site appears as below and looks very similar to Office365 login page:
NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.