"Dear Active User" Phish

 

LSU Personnel started receiving phishing e-mails on August 15th, 2017 related to account verification.

Subjects of the Phishing e-mail - Dear Active User

Sender Name - Internal to LSU

Sender e-mail address - Internal to LSU 

*Internal accounts can be compromised and used by malicious actors to send phishing e-mails, in order to appear more authentic.

Screenshot of phishing e-mail

 Screenshot of Phish Mail

Content of phishing e-mail

The contents of the messages are (Links and other descriptors have been removed for security purposes):

Dear Users this is a database maintenance. Due to spam/hackers activities going on we're to De-activate some email ID from our database. To avoid account De-activation kindly follow link and verify your email account: CLICK HERE

 
Copyright © 2017 Louisiana State University. All Rights Reserved. 

 

Screenshot of phishing site

The URL provided does not belong to LSU, and directs the user to a third-party site. The third party site appears as below:

Screenshot of Phish Site

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.