"Office365: Important Account Confirmation Needed" Phish

 

LSU Personnel started receiving phishing e-mails on June 7th, 2017 related to account confirmation.

Subject of the Phishing e-mail - Office365: Important Account Confirmation Needed

Sender Name - Office365 Support

Sender e-mail address - External to LSU (@runsven.com)

Screenshot of phishing e-mail
Screenshot of Phish Mail

Content of phishing e-mail

The content of the message states the following (Links and other descriptors have been removed for security purposes):

Hi User,

Please note that starting from June 7, 2017 we will be introducing new online authentication procedures in order to protect the private information of all Office-Account(s) users.

You are required to confirm your Office-Account(s) details with us as you will not be able to have access to your accounts until this has been done.

Kindly Confirm your Office-Account(s) details here now.

Regards,

Pär Nilsson

Microsoft Service Support.

Screenshot of phishing site

The URL provided in the e-mail does appear to be similar to Microsoft Office365 page, the URL does not belong to LSU or Microsoft, and directs the user to a third-party site. The third party site appears as below:

Screenshot of Phish Site

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.