" " Phish
LSU Personnel started receiving phishing e-mails on October 3rd and 4th, 2017 related to e-mail validation.
Subject of the Phishing e-mail - (The e-mail had no subject)
Sender Name - Internal to LSU (Multiple Users)
Sender e-mail address - Internal to LSU (Multiple e-mail addresses)
*Internal accounts can be compromised and used by malicious actors to send phishing e-mails, in order to appear more authentic.
Screenshot of phishing e-mail
Content of phishing e-mail
The content of the message is (Links and other descriptors have been removed for security purposes):
All Staffs and Students are expected to migrate to the New 2017 Microsoft Outlook Web portal to access the below, click here to migrate:
· Access the new staff directory
· Access your pay slips and P60s
· Update your ID photo
· E-mail and Calendar Flexibility
· Connect mobile number to e-mail for voicemail
Important notice: All staffs and students are expected to migrate within 24 hours to avoid delay on mail delivery.
On behalf of IT Support. This is a group email account and its been monitored 24/7,
therefore, please do not ignore this notification, because its very compulsory.
Screenshots of phishing sites
The URLs provided in the e-mail do not belong to LSU, and direct the user to third-party sites. The third party sites appear as below:
NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.