"Office365: Important Account Confirmation Needed" Phish
LSU Personnel started receiving phishing e-mails on June 7th, 2017 related to account confirmation.
Subject of the Phishing e-mail - Office365: Important Account Confirmation Needed
Sender Name - Office365 Support
Sender e-mail address - External to LSU (@runsven.com)
Screenshot of phishing e-mail
Content of phishing e-mail
The content of the message states the following (Links and other descriptors have been removed for security purposes):
Please note that starting from June 7, 2017 we will be introducing new online authentication procedures in order to protect the private information of all Office-Account(s) users.
You are required to confirm your Office-Account(s) details with us as you will not be able to have access to your accounts until this has been done.
Kindly Confirm your Office-Account(s) details here now.
Microsoft Service Support.
Screenshot of phishing site
The URL provided in the e-mail does appear to be similar to Microsoft Office365 page, the URL does not belong to LSU or Microsoft, and directs the user to a third-party site. The third party site appears as below:
NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.