"Dear LSU Mail User;" Phish

 

LSU Personnel started receiving phishing e-mails on May 17th, 2017 related to account validation.

Subjects of the Phishing e-mail - "Dear LSU Mail User;" and "LSU Email Support"

Sender Name - Internal to LSU (multiple users)

Sender e-mail address - Internal to LSU* (multiple e-mail addresses)

*Internal accounts can be compromised and used by malicious actors to send phishing e-mails, in order to appear more authentic.

Screenshot of the phishing e-mail

 Screenshot of phishing email

Content of the phishing e-mail

The content of the message states the following (Links and other descriptors have been removed for security purposes):

Dear LSU Email User;
 
Due to the high influx of registration recorded on our LSU ail database, would be doing some re-validation exercise on our database to know the number of active accounts that still exist so as to provide our users with better and more active LSU e-mail services.
 
Please visit our account validation webpage, Kindly CLICK HERE and carefully fill the required information listed in order to continue using your email account(s).
 
WARNING! Any account owner that refuses to update his/her account after five (5) days of receipt of the notification, will be disabled from our email database.
 
Thanks for your cooperation in advance!
Copyright © 2017 Louisiana State University. All Rights Reserved

Screenshot of the phishing site

The URL provided in the e-mail does not belong to LSU and directs the user to a third-party site. The third party site appears as below:

Screenshot of Phish Site

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.