"LSU Membership Update" Phish
LSU Personnel started receiving phishing e-mails on May 15th, 2017 related to account verification.
Subjects of the Phishing e-mail - LSU Membership Update
Sender Name - Internal to LSU
Sender e-mail address - Internal to LSU*
*Internal accounts can be compromised and used by malicious actors to send phishing e-mails, in order to appear more authentic.
Screenshot of phishing e-mail
Content of phishing e-mail
The content of the message states the following (Links and other descriptors have been removed for security purposes):
Due to our recent IP routine check; we have reasons to believe that your account has
been violated and access by a third party. Click on Support and verify your Mailbox
to avoid deactivation.
With best regards
Copyright © 2017 Louisiana State University. All Rights Reserved.
Screenshot of phishing site
The URL provided in the e-mail does not belong to LSU and directs the user to a third-party site. The third party site appears as below:
NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.