"Lsu.edu mail account" Phish
LSU Personnel started receiving phishing e-mails on October 10th, 2017 related to email validation.
Subjects of the Phishing e-mail - Lsu.edu mail account
Sender Name - Internal to LSU
Sender e-mail address - Internal to LSU
*Internal accounts can be compromised and used by malicious actors to send phishing e-mails, in order to appear more authentic.
Screenshot of phishing e-mail
Content of phishing e-mail
The content of the message is (Links and other descriptors have been removed for security purposes):
Due to database maintenance that is happening in our Lsu.edu mail message center, we are currently deleting ALL inactive and hacked Lsu.edu E-mail account from our email account database, with this new improved security software it will provides our users with a new security system to protect our users from getting their Lsu.edu E-mail accounts hacked.We recommend that you update your account now to avoid termination or account de-activation.
CLICK HERE to verify your Lsu.edu mail account.
We are sorry for the inconvenient.
With best regards
Screenshot of phishing site
The URL provided in the e-mail does not belong to LSU, and directs the user to a third-party site. The third party site appears as below:
NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.