"Validation E-mail !!!" Phish

 

LSU Personnel started receiving phishing e-mails on March 29th, 2017 related to account verification. The e-mail content appears to be same, but the subject of the e-mails are different.

Subjects of the Phishing e-mail - Validation E-mail !!!, Notice!!!, DEAR LSU USER:

Sender Name - Internal Users

Sender e-mail address - Internal to LSU* (multiple users)
*Internal accounts can be compromised and used by malicious actors to send phishing e-mails, in order to appear more authentic.

Screenshot of the phishing email

The content of the message states the following (Links and other descriptors have been removed for security purposes):

Screenshot of the phishing email

Content of the phishing email

This is a generated Email from Database to inform all account users that verification is taking place to terminate all Reported/Spam and inactive Account from our Database. If your account is very much Active and to Avoid De-Activation from our Database Please Visit our VERIFICATION-PAGE and fill out the Verification form correctly to avoid termination of your LSU Account from our database.

Note: If You Refuse to update your account after 24hrs of receipt of the notification of this update, your account will be excluded permanently from our Database we will not be responsible for the loss of your account. We apologize if you have experienced any difficulties due to this situation.


HELP-DESK
©2016-2017 ALL RIGHTS RESERVED.

Screenshot of the phishing site

The URLs provided in the e-mails do not belong to LSU and direct a user to a third-party site. The third party sites appear as below:

 Screenshot of the phishing site

Second Screenshot of the phishing site

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.