"2018 LSU UPDATE" Phish

 

LSU Personnel started receiving phishing e-mails on March 16th, 2018, related to password expiration.

Subject of the Phishing e-mail - 2018 LSU UPDATE

Sender Name - External to LSU

Sender e-mail address - External to LSU

Screenshot of phishing e-mail

 Screenshot of Phish Mail

 

Content of phishing e-mail

The content of the message is (Links and other descriptors have been removed for security purposes):

Your Pass-word will expire In 2 days to keep your pass-word CLICK-HERE

and enter your username and pass-word correctly and click on Sign In
immediately to keep your pass-word active and updated.


IT-Service Help Desk. 

Screenshot of phishing site

The URL provided in the e-mail does not belong to LSU, and directs the user to a third-party site. The third party site appears as below:

 Screenshot of Phish Site

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.