Phishing @ LSU
Phishing - /'fiSHiNG/ - Phishing is an attempt by malicious actors pretending to be a legitimate enterprise for the purpose of stealing private information, such as Username and Passwords, Social Security Numbers (SSN), Date of Birth, and Banking information.
LSU IT Security and Policy Team reviews phishing messages received by LSU Community in order to implement preventive security measures for our Campus network.
Is it a phish? Click the image below to learn about common indicators.
Would you like to report a suspect e-mail? Follow the instructions in the link below to report it:
Report Phishing e-mails
The IT Security and Policy Team (ITSP) has implemented a phishing reporting tool called Cofense Reporter. The application conveniently integrates directly with Outlook mail clients and Office365, providing LSU Faculty, Staff, and Students a quick and easy mechanism to report phishing e-mails.
For specific instructions on how to utilize Cofense Reporter to report a phishing e-mail to LSU ITSP, please read the following GROK article https://grok.lsu.edu/Article.aspx?articleid=19636.
If Cofense Reporter is not an available option for you, please report phishing messages to LSU ITSP as outlined in the following article https://grok.lsu.edu/Article.aspx?articleid=17107#Reporting.
Fallen for a Phish
If you believe you have fallen for a phish, please take the following actions:
- If you accidentally shared your username and password, please change your password immediately. Note: The new password must be unique and should not have been used anywhere else. If you use the same password for different services, you must change passwords for other services as well.
- If you shared your banking (credit card, debit card, bank account, etc.) information, please reach out to your financial institutions.
- If you shared any other personally identifiable information (Social Security Numbers, Date of Birth, etc.), you should take necessary steps to monitor your credit for any unauthorized changes.
LSU ITS will NEVER:
- Request that you validate or share your myLSU/PAWS/e-mail account information and password through email.
- Request any of your personally identifiable information, such as SSN, Date-of-Birth, etc. via e-mail.
Recent Phishing e-mails
-
"A Document was sent to you for review" - September 16th, 2019
-
"Termination Final Alert for :<Account_Name>, Resolve Now!" - July 16th, 2019
-
"LSU Account Migration/Protection Exercise (INC0347429) For" - May 20th, 2019
-
"Validate Your Email Account....To avoid close down" - October 30th, 2018
-
Multiple subject lines - September 23rd, 24th, October 5th, 8th, 14th, 15th, 18th, and 21st, 2018
- "IMPORTANT NOTICE FROM LSU" - September 25th, 2018
-
"<A User> as Shared a file with you Using One Drive"" - July 6th, 2018
-
"You have a Faculty message from your Department" - March 19th, 2018
-
"You Have A Faculty Message From Chelsea Patton" - January 12th, 2018
-
"E-mail Validation: Louisiana State University" - January 9th, 2018
-
"Unusual Login Attempt" and " " (No Subject) - January 8th, 2018