"Notice" Phish

 

LSU Personnel started receiving phishing e-mail on August 31st, 2017 related to account validation.

Subject of the Phishing e-mail - Notice

Sender Name - Internal to LSU (multiple users)

Sender e-mail address - Internal to LSU (multiple e-mail addresses)

*Internal accounts can be compromised and used by malicious actors to send phishing e-mails, in order to appear more authentic.

Screenshot of phishing e-mail

 Screenshot of Phish Mail

Content of phishing e-mail

The content of the message is (Links and other descriptors have been removed for security purposes):

Your mailbox has exceeded its storage limit set by our E-mail Administrator, and you will not be able to receive new mail unit you re-validate it.

Click Here to HERE  your email account.

Thanks

LSU HELP DESK

SYSTEM ADMIN

Screenshot of phishing site

The URL provided in the e-mail does not belong to LSU, and directs the user to third-party site. The third party site appears as below:

 Screenshot of Phish Site

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.