"LSU Information Technology" Phish

 

LSU Personnel started receiving phishing e-mails on November 2nd 2017 related to payroll notice.

Subject of the Phishing e-mail - LSU Information Technology

Sender Name - External to LSU

Sender e-mail address - External to LSU

Screenshot of phishing e-mail

 Screenshot of Phish Mail

Content of phishing e-mail

The content of the message is (Links and other descriptors have been removed for security purposes):


Notice to all Faculty, staff, and student.
We have upgraded Cisco anyconnect vpn client software, please click the login button to reactivate your LSU SSL VPN Service access. 

This is a technology that allows LSU SSL VPN Service Faculty, Staff, Students, and Retirees to securely access the LSU SSL VPN Service Network from anywhere with an Internet connection.
All connections are logged and monitored. By accessing this system, you acknowledge that use of this and any other technology at LSU SSL is subject to the terms of the LSU SSL Conditions of Use and Policy on Computing Ethics

Screenshot of phishing site

The URL provided in the e-mail does not belong to LSU, and directs the user to a third-party site. The third party site appears as below:

 Screenshot of Phish Site

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.