"SECURITY ZONE" Phish

 

LSU Personnel started receiving phishing e-mails on March 25th, 2017 related to e-mail deactivation.

Subject of the Phishing e-mail - SECURITY ZONE

Sender Name - External User

Sender e-mail address - External Account (@msn.com)*

*The reply-to address for the e-mail is an e-mail address @peoplepc.com)

Screenshot of phishing email

The content of the message states the following (Links and other descriptors have been removed for security purposes):

Screenshot of phishing email

Content of phishing email

Your E-mail has been queued for deactivation; this due to an ongoing script error (code: 404) results received from your account. Kindly click on UPDATE and fill details to update your account information's.Thank you. Yours Sincerely,

 

Email Team.

Screenshot of phishing site

The URL provided in the e-mail does not belong to LSU or Microsoft and directs the user to a third-party site. The third party site appears as below and looks very similar to Office365 login page.

 screenshot of phishing site

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.