"Exchange/Outlook Web Access" Phish
LSU Personnel started receiving phishing e-mails on March 21st and 28th, 2017 related to e-mail activation due to email system upgrade.
Subject of the Phishing e-mail - Exchange/Outlook Web Access
Sender Name - External Users
Sender e-mail address - External Accounts (@washco-md.net and @fremontchristian.com)
Screenshot of the phishing message
The content of the message states the following (Links and other descriptors have been removed for security purposes):
The date within the message varies depending on the day the message is received.
Content of the phishing message
Today Tuesday 21st March, 2017. We are upgrading our email system for Outlook Web App 2017. This service creates more space and easy access to email. Please update your account by clicking on Activation below, fill information for activation and submit.
Click for Activation
Inability to complete the information will render your account inactive.
IT Admin Desk
Screenshot of the phishing site
The URL provided in the e-mail does not belong to LSU and directs the user to a third-party site. The third party site appears as below.
The page is similar for the message received on the 28th, except for the URL.
NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.