"FWD: UPDATE!!!" Phish


LSU Personnel started receiving phishing e-mails on August 16th and 17th, 2017 related to account validation.

Subjects of the Phishing e-mail - FWD: UPDATE!!!

Sender Name - Internal to LSU (multiple sender)

Sender e-mail address - Internal to LSU (multiple e-mail addresses)

*Internal accounts can be compromised and used by malicious actors to send phishing e-mails, in order to appear more authentic.

Screenshot of phishing e-mail

 Screenshot of Phish Mail

Content of phishing e-mail

The contents of the messages are (Links and other descriptors have been removed for security purposes):


This is a generated Email from Database to inform all user that verification is taking place to terminate all Reported/Spam and inactive Account from our Database. If your account is very much Active and to Avoid De-Activation from our Database Please Click our LSU VALIDATION FORM and fill out the Validation form correctly to avoid termination of your Account from our database.

Take Note: If You Refuse to update your account after 24hrs of receipt of the notification of this update, your account will be excluded permanently from our Database we will not be responsible for the loss of your account. As always, your privacy and security are of utmost importance to us. We apologize if you have experienced any difficulties due to this situation.


Screenshot of phishing site

The URLs provided in the separate e-mails do not belong to LSU, and direct the users to third-party sites. The third party sites appear as below:

Screenshot of Phish Site


Phish Site 2

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.