LITTLE ROCK, Ark. (KATV) — Invitation scams that mimic legitimate online event services are a growing cyber threat, with attackers exploiting people’s desire to stay socially connected to trick them into clicking malicious links or handing over login information.
Chris Wright, a cybersecurity expert and co-founder of Sullivan Wright Technologies, said scammers often latch “on to brands that you know, like Evie and other ones,” using what he described as “borrowed credibility” to make messages look trustworthy at first glance. By including a familiar brand name, he said, scammers can clear the initial skepticism that might otherwise stop someone from clicking.
Wright said the same tactic shows up frequently in business settings, with scammers impersonating well-known services such as Microsoft, Google and DocuSign to get people to open messages and follow prompts.
One common example, he said, is a message designed to look like a formal RSVP invitation, the kind someone might expect for “a wedding or a higher stature event or something like that.” Wright said scammers try to mimic the look and feel of legitimate invitations so the email appears official.
Once someone clicks, Wright said, the scam can go in multiple directions. In one of the most common versions, he said, the attacker tries to steal credentials by presenting a fake login page that appears to be from Microsoft or Google and telling the recipient they must sign in to view the invitation.
Wright said a key warning sign is the web address. “If you actually look at the URL, it’s going to be nothing that looks like Microsoft or Google or anything that it says it is,” he said.
In some cases, Wright said scammers tailor the fake login page to the recipient’s email provider. For example, if the invitation is sent to a Gmail account, clicking the link may bring up what he called “a very convincing looking Gmail logon page.” Other scams cast a wider net, he said, by offering multiple options such as logging in with Microsoft, Google or Yahoo, all with the goal of capturing usernames and passwords.
Another version of the scam can be even more dangerous, Wright said, by prompting the user to download an executable file that appears to be the invitation. “In all actuality, that executable file just gave the attacker remote access to your computer,” he said, allowing access to email, financial information and private files.
To protect against invitation scams, Wright urged people to slow down before clicking. “Slow down,” he said. He recommended inspecting emails carefully, including checking the sender details. If an email only shows a display name such as a brand or a person, he said users should click to reveal the full email address, which “more often than not, is going to give it away as a scam.”
He also advised hovering over links to preview where they lead before clicking, and looking for contextual clues, including whether the message is unexpected. Wright said if something arrives out of the blue and prompts a reaction of, “I did get that,” it is likely a scam.
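For readers who filter mail, the two manual checks Wright describes (reveal the full sender address, preview where a link leads) can be automated. The sketch below is an added example, not something from Wright or the article; the brand-to-domain list is an assumption and the sample message is constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: brands named in the article, mapped to domains they actually use.
BRAND_DOMAINS = {
    "microsoft": {"microsoft.com", "microsoftonline.com", "live.com"},
    "google": {"google.com", "gmail.com"},
    "docusign": {"docusign.com", "docusign.net"},
}
LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def _belongs(host, domains):
    """True if host is one of the domains or a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def _brands_in(text):
    return [b for b in BRAND_DOMAINS if b in text.lower()]

def check_invitation(raw):
    """Return findings where a claimed brand does not match the real domain."""
    msg = message_from_string(raw)
    findings = []
    # Check 1: display name borrows a brand, full address is somewhere else.
    display, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2]
    for brand in _brands_in(display):
        if not _belongs(sender_host, BRAND_DOMAINS[brand]):
            findings.append(f"sender: display name says {brand}, address is {addr}")
    # Check 2: link text names a brand, the target host is not that brand's.
    for href, label in LINK_RE.findall(msg.get_payload()):
        link_host = urlsplit(href).hostname
        for brand in _brands_in(label):
            if not _belongs(link_host, BRAND_DOMAINS[brand]):
                findings.append(f"link: text says {brand}, target host is {link_host}")
    return findings

# Constructed sample message (not a real scam email).
SAMPLE = '''From: "Microsoft Invitations" <rsvp@events-mail.example>
To: user@example.org
Subject: You're invited
Content-Type: text/html

<p><a href="https://login.invite-view.example/signin">Sign in with Microsoft</a> to view.</p>
<p><a href="https://www.google.com/calendar">Add to Google Calendar</a></p>
'''

if __name__ == "__main__":
    for finding in check_invitation(SAMPLE):
        print(finding)
```

A clean result only means these two mismatches were not found; a scam sent from a compromised account at a legitimate provider would pass both checks.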
