"Action On Your Account" Phish

 

LSU Personnel started receiving phishing e-mails on December 11th 2017 related to an issue with e-mail account.

Subject of the Phishing e-mail - Action On Your Account

Sender Name - External to LSU (@TechTown267.onmicrosoft.com)

Sender e-mail address - External to LSU

Screenshot of phishing e-mail

 Screenshot of Phish Mail

Content of phishing e-mail

The content of the message is (Links and other descriptors have been removed for security purposes):

 

Dear user@lsu.edu,

Someone attempted to sign in with your email ( user@lsu.edu ) from an unknown location. 
Date Received: [08 December 2017 02:02am] 

We restricted the attempt and we put a lock on your account user@lsu.edu for incoming and outgoing message till you sign in from a familiar location

 
SIGN-IN FROM A FAMILIAR LOCATION

Thanks for taking these additional steps to keep your email safe.

Privacy | legal notices

Microsoft Office
Radmond, WA
98062-6309 USA

Screenshot of phishing site

The URL provided in the e-mail does not belong to LSU or Microsoft, and directs the user to a third-party site. The third party site appears as below:

 Screenshot of Phish Site

NOTE: ALWAYS verify the URL provided in any e-mail and PLEASE NOTE that LSU will not ask you for your account information in such a fashion.