"Your LSU account Certificate expired on the 14-10-2017" Phish

 

LSU Personnel started receiving phishing e-mails on October 14th 2017 related to account certificate renewal.

Subject of the Phishing e-mail - Your LSU account Certificate expired on the 14-10-2017

Sender Name - Internal to LSU

Sender e-mail address - Internal to LSU

*Internal accounts can be compromised and used by malicious actors to send phishing e-mails, in order to appear more authentic.

Screenshot of phishing e-mail

 Screenshot of Phish Mail

Content of phishing e-mail

The content of the message is (Links and other descriptors have been removed for security purposes):

Your LSU account Certificate expired on the 14-10-2017, This may interrupt your email delivery configuration, and account POP settings, page error when sending message.

To re-new your account Certificate Details, Please take a second to update your records by link below or copy and paste link

Link

LSU account will work as normal after the verification process,

and your webmail Certificate will be re-newed.

Sincerely,

Mail Service Team

LSU

Screenshot of phishing site

The URL provided in the e-mail does not belong to LSU, and directs the user to a third-party site. The third party site appears as below:

 Screenshot of Phish Site

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.