"Microsoft Exchange (Email Validation)" Phish

 

LSU Personnel started receiving phishing e-mails on March 28th, 2017 related to validating active accounts.

Subject of the Phishing e-mail - Microsoft Exchange (Email Validation)

Sender Name - External User

Sender e-mail address - External Account (@ucad.edu.sn)

Screenshot of the phishing message

The content of the message states the following (Links and other descriptors have been removed for security purposes):

Screenshot of the phishing message

Content of the phishing message

This is to notify all Students, Staffs and Alumni that we are validating active accounts. 
 
Kindly confirm that your account is still in use by clicking the validation link below:
 
Validate Email Account
 
Sincerely,
IT Help Desk
Office of Information Technology 

Screenshot of the phishing site

The URL provided in the e-mail does not belong to LSU or Microsoft and directs the user to a third-party site. The third party site appears as below and looks very similar to Office365 login page.

 Screenshot of the phishing site

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.