Spoof Eventbrite phishing emails look to lure in victims in major attack

Hackers are increasingly abusing Eventbrite to send out phishing emails

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Cybercriminals are increasingly abusing Eventbrite to run successful phishing campaigns, experts have warned.

Areportfrom cybersecurity researchers Perception Point claims to have observed a 900% growth in the rate of such email attacks recently.

The method is quite simple - a malicious actor will register an account with Eventbrite, and set up a fake event under the guise of a reputable brand, with crooks already impersonating the likes of airline Qantas, toll ecollection system Brobizz ,web hostingplatform One, DHL, EnergyAustralia, and Qatar Post.

Phishing deluge

Phishing deluge

Creating an event then allows the hackers to create emails through the Eventbrite platform, which is where they draft the phishing messages.

“These emails can include text, images, and links, all of which are prime opportunities for attackers to smatter in malicious content,” the researchers explained. “The attacker then enters their list of targets (or “attendees”) and sends them the invite email.”

Eventbrite is an online platform where users can create, promote, and manage different events. Organizers can use it to sell tickets, and track attendance. Its tools can support different events, from concerts and festivals to workshops and conferences. On the other hand, consumers can use it to browse different events and purchase tickets.

Obviously, the tool also has its own mailing system, through which it can notify users of new events, changes in schedule, and more. Now, security pros are saying that this mailing system is being abused to send phishing messages that are more likely to bypass anyemail securityset up.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

In the usual phishing manner, victims are asked to urgently login to solve a problem, and during the process, they share personal information such as login credentials, tax identification numbers, phone numbers, credit card details, and more.

What makes this phishing campaign particularly dangerous is the fact that all emails are sent from the noreply@events.eventbrite.com domain - a trusted name that also makes it past different email filters.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

A critical Palo Alto Networks bug is being hit by cyberattacks, so patch now

3 reasons why PIA fell in our best VPN rankings

Stormforce Pro Creator 0601 workstation review