"Account Information" Phish

 

LSU Personnel started receiving phishing e-mails on April 21st, 2017 related to web-mail migration.

Subjects of the Phishing e-mail - Account Information

Sender Name - External to LSU

Sender e-mail address - External to LSU

Screenshot of phishing e-mail

screenshot of Phish E-mail

Content of phishing e-mail

The content of the message states the following (Links and other descriptors have been removed for security purposes):

To All, 

If you are a faculty or staff member who has not yet had their email migrated to the present Web-Mail to create space for 2017 Outlook Web Access which has a high visual definition and creates more space and easy access to email,Please kindly update your account by clicking on the link below and fill information for activation.


CLICK HERE To Upgrade


Follow the procedure and complete information by clicking SUBMIT.

A new space will be created within 48 hours.

Failure to update your Web-Mail we will deactivate such accounts as it will be considered inactive.


Thanks,

HELPDESK

Screenshot of phishing site

The URL provided in the e-mail does not belong to LSU and directs the user to a third-party site. The third party site appears as below:

Screenshot of Phish Site

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.