"Dear User," Phish

 

LSU Personnel started receiving phishing e-mails on October 13th 2017 related to email validation.

Subject of the Phishing e-mail - Dear User,

Sender Name - Internal to LSU (Multiple users)

Sender e-mail address - Internal to LSU (Multiple e-mail addresses)

*Internal accounts can be compromised and used by malicious actors to send phishing e-mails, in order to appear more authentic.

Screenshot of phishing e-mail

 Screenshot of Phish Mail

Content of phishing e-mail

The content of the message is (Links and other descriptors have been removed for security purposes):

Dear User,

Your mail box is cramped with unsolicited mails and has been blocked due to spammed mails, you can no longer send out mails or receive, to restore your spam filter so you could start sending and receiving mails. Click on Support and log in to validate your email today.

Thank you.

Screenshot of phishing site

The URL provided in the e-mail does not belong to LSU, and directs the user to a third-party site. The third party site appears as below:

 Screenshot of Phish Site

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.