"Validation E-mail !!!" Phish


LSU Personnel started receiving phishing e-mails on March 29th, 2017 related to account verification. The e-mail content appears to be same, but the subject of the e-mails are different.

Subjects of the Phishing e-mail - Validation E-mail !!!, Notice!!!, DEAR LSU USER:

Sender Name - Internal Users

Sender e-mail address - Internal to LSU* (multiple users)
*Internal accounts can be compromised and used by malicious actors to send phishing e-mails, in order to appear more authentic.

The content of the message states the following (Links and other descriptors have been removed for security purposes):

Phish Email

The URLs provided in the e-mails do not belong to LSU and direct a user to a third-party site. The third party sites appear as below:

 Phish Site

Phish site 2

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.