Evite Exploited to Bypass Spam Filters

Over the weekend, an NJCCIC analyst received an Evite email to her personal email inbox from a sender not in her contacts list. The email had the subject line “Welcome” and the body contained the text “You’re Invited” with options to view the invitation and submit an RSVP to the supposed event. The corresponding invitation hosted on the Evite website contained a non-personalized message and a request for the recipient to click on embedded links obscured by the text “Project Guidelines” and “Agreement Letter,” as well as URL shorteners. Further analysis revealed that this campaign was designed to generate clicks for a website advertising a “get rich quick” scheme. As this campaign successfully bypassed sophisticated spam filters, the NJCCIC assesses that malicious actors are exploiting the popular and trusted event planning website to deliver malware or perform other social engineering schemes. We recommend immediately deleting any Evite emails from unknown senders and verifying any Evite emails containing obfuscated URLs with known senders prior to taking any action.