Cybercriminals are increasingly abusing Eventbrite to run successful phishing campaigns, experts have warned.

A report from cybersecurity researchers Perception Point claims to have observed a 900% growth in the rate of such email attacks recently.

The method is quite simple – a malicious actor will register an account with Eventbrite, and set up a fake event under the guise of a reputable brand, with crooks already impersonating the likes of airline Qantas, toll ecollection system Brobizz , web hosting platform One, DHL, EnergyAustralia, and Qatar Post.

Phishing deluge

Creating an event then allows the hackers to create emails through the Eventbrite platform, which is where they draft the phishing messages.

“These emails can include text, images, and links, all of which are prime opportunities for attackers to smatter in malicious content,” the researchers explained. “The attacker then enters their list of targets (or “attendees”) and sends them the invite email.”

Eventbrite is an online platform where users can create, promote, and manage different events. Organizers can use it to sell tickets, and track attendance. Its tools can support different events, from concerts and festivals to workshops and conferences. On the other hand, consumers can use it to browse different events and purchase tickets.

Obviously, the tool also has its own mailing system, through which it can notify users of new events, changes in schedule, and more. Now, security pros are saying that this mailing system is being abused to send phishing messages that are more likely to bypass any email security set up.

In the usual phishing manner, victims are asked to urgently login to solve a problem, and during the process, they share personal information such as login credentials, tax identification numbers, phone numbers, credit card details, and more.

What makes this phishing campaign particularly dangerous is the fact that all emails are sent from the noreply@events.eventbrite.com domain – a trusted name that also makes it past different email filters.

More from TechRadar Pro

New method for phishing discovered for Android and iPhone usersHere’s a list of the best firewalls todayThese are the best endpoint protection tools right now

You Might Also Like

You may also like

Crazy or wicked? Someone stuck half a touchscreen monitor on...

New Xiaomi smartwatch leak shows a ludicrously cheap Apple Watch...

Atlas robot’s fully autonomous video is this Halloween’s scariest video

The 9 best new emojis that could be coming to...

New Max movies: all of the new films to stream...

Your doctor may have an AI assistant taking notes during...

Google might have a radical plan to beat Apple’s iPad...

Foxit unveils native support for Snapdragon-powered PCs with AI integration

Our favorite budget audio brand just launched super-cheap planar earbuds...

iPad mini 7 officially announced – and it’s built for...

Leave a Comment

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

-
00:00
00:00

Queue

Update Required Flash plugin
-
00:00
00:00
Verified by MonsterInsights