"Warning!" Phish

 

LSU Personnel started receiving phishing e-mails on August 15th, 2017 related to account validation.

Subjects of the Phishing e-mail - Warning!

Sender Name - Internal to LSU

Sender e-mail address - Internal to LSU 

*Internal accounts can be compromised and used by malicious actors to send phishing e-mails, in order to appear more authentic.

Screenshot of the phishing e-mail

 Screenshot of Phish Mail

Content of the phishing e-mail

The contents of the messages are (Links and other descriptors have been removed for security purposes):

Warning!! You are currently operating at 99% of your mail box quota.
You need to upgrade your email limit quota to 2GB within the next 48
hours to enable you store and receive large numbers of emails in your
mailbox. Use the below web link to upgrade to 5GB: You might not be able to send or receive new mail until you re-validate your mailbox .


CLICK HERE NOW TO RE-VALIDATE YOUR LSU.EDU MAIL BOX

Copyright © 2017 Louisiana State University. All Rights Reserved.
Security Alert Office.
Thanks for your anticipated co-operation,
Upgrade Team.

Screenshot of the phishing site

The URL provided does not belong to LSU, and directs the user to a third-party site. The third party site appears as below:

Screenshot of Phish Site

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.