Jump to content

Fake Evite (electronic invitation) email: What risks


Recommended Posts

Hi everyone,

First, i am aware this should be in another section but i put it here just as an appetizer of potential further investigation, which i hope is unnecessary.

The story in short is this:

1) I received a fake Evite invitation from a well known contact.

2) Since i found it strange i sent him an email using the same account he used for the invitation (i have no other account) asking whether he had actually sent it (imagining a Man in the Middle thing). No reply.

3) Despite the suspicious activity, including the links etc., i gave it a shot with a secondary account i use. The result was a denied access in both cases, on both Edge (Outlook 365 automatic redirection, asking me to connect to Adobe cloud with one of my email accounts) and Firefox showing a 403 error.

4) I changed the password on my email account used to run the attempt. No other malicious behavior noticed.

5) Contacted Evite which confirmed the email is not from them and confirms the malicious nature of the email, advising me to clean up the data/cookies from all my browsers (all those used to executed activities on the email).

 

Question: Any chance I am infected with something and ESET missed it? I can submit a copy of the email if necessary, but i'd prefer not to if possible.

Thanks in advance for any insight.

Rick

 

 

Link to comment
Share on other sites

8 hours ago, Marcos said:

You can supply me with the url or the whole file via a private message for perusal.

 

I just did. Bit late but i got busy. Other people in a group received the same email, too. So the account was definitely hacked.

Link to comment
Share on other sites

8 hours ago, itman said:
 

Thanks Itman. I had read about it. Once i realized something was wrong i checked to see whether there were security notices about it and found out it was around since at least 2019. Both my laptops and mobile are working fine but this morning i noticed some email services on my mobile aren't synching. Access to most emails seems fine but i didn't check all accounts. I did change the password for the account i used to experiment with the Evite invitation minutes after testing it. Rechanged it once more one day later. But my email client on Android isn't synching (i had tried to open also through Android relying on the idea that the phishing threat was designed for Windows). Not clear whether there are issues caused by that specific action or whether a recent mail client update is causing the issue. The client update (third party app) occurred almost simultaneously.

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...