Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Spoof Eventbrite phishing emails look to lure in victims in major attack

A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system.

Cybercriminals are increasingly abusing Eventbrite to run successful phishing campaigns, experts have warned.

A report from cybersecurity researchers Perception Point claims to have observed a 900% growth in the rate of such email attacks recently.

The method is quite simple - a malicious actor will register an account with Eventbrite, and set up a fake event under the guise of a reputable brand, with crooks already impersonating the likes of airline Qantas, toll ecollection system Brobizz , web hosting platform One, DHL, EnergyAustralia, and Qatar Post.

Phishing deluge

Creating an event then allows the hackers to create emails through the Eventbrite platform, which is where they draft the phishing messages.

“These emails can include text, images, and links, all of which are prime opportunities for attackers to smatter in malicious content,” the researchers explained. “The attacker then enters their list of targets (or “attendees”) and sends them the invite email.”

Eventbrite is an online platform where users can create, promote, and manage different events. Organizers can use it to sell tickets, and track attendance. Its tools can support different events, from concerts and festivals to workshops and conferences. On the other hand, consumers can use it to browse different events and purchase tickets.

Obviously, the tool also has its own mailing system, through which it can notify users of new events, changes in schedule, and more. Now, security pros are saying that this mailing system is being abused to send phishing messages that are more likely to bypass any email security set up.

In the usual phishing manner, victims are asked to urgently login to solve a problem, and during the process, they share personal information such as login credentials, tax identification numbers, phone numbers, credit card details, and more.

What makes this phishing campaign particularly dangerous is the fact that all emails are sent from the noreply@events.eventbrite.com domain - a trusted name that also makes it past different email filters.

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.