MSN reported:
Cybercriminals are increasingly abusing Eventbrite to run successful phishing campaigns, experts have warned.
The method is quite simple - a malicious actor will register an account with Eventbrite, and set up a fake event under the guise of a reputable brand, with crooks already impersonating the likes of airline Qantas, toll ecollection system Brobizz , web hosting platform One, DHL, EnergyAustralia, and Qatar Post.
Creating an event then allows the hackers to create emails through the Eventbrite platform, which is where they draft the phishing messages.“These emails can include text, images, and links, all of which are prime opportunities for attackers to smatter in malicious content,” the researchers explained. “The attacker then enters their list of targets (or “attendees”) and sends them the invite email.”
The method is quite simple - a malicious actor will register an account with Eventbrite, and set up a fake event under the guise of a reputable brand, with crooks already impersonating the likes of airline Qantas, toll ecollection system Brobizz , web hosting platform One, DHL, EnergyAustralia, and Qatar Post.
Creating an event then allows the hackers to create emails through the Eventbrite platform, which is where they draft the phishing messages.“These emails can include text, images, and links, all of which are prime opportunities for attackers to smatter in malicious content,” the researchers explained. “The attacker then enters their list of targets (or “attendees”) and sends them the invite email.”
Find the original article here.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat