"Dear Lsu User," Phish
LSU Personnel started receiving phishing e-mails on July 26th, 2017 related to account confirmation.
Subjects of the Phishing e-mail - Dear Lsu User,, Help-Desk Administrator., Help-Desk
Sender Name - Internal to LSU (Multiple Users)
Sender e-mail address - Internal to LSU (Multiple e-mail addresses)
*Internal accounts can be compromised and used by malicious actors to send phishing e-mails, in order to appear more authentic.
Screenshot of phishing e-mail
Content of phishing e-mail
The content of the message states the following (Links and other descriptors have been removed for security purposes):
This is an automatic message by system to let you know that you have to confirm your account information. and this means that you will not be able to send and receive new email messages. This is because of the on-going yearly web maintenance and deleting of inactive accounts.kindly Click on Support and log in to re-validate your email today.
With best regards
Copyright © 2017 Louisiana State University. All Rights Reserved.
Screenshot of phishing site
The URL provided in the e-mail does not belong to LSU, and directs the user to a third-party site. The third party site appears as below:
NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.