ANNAPOLIS, Md. — A party invitation may feel like a welcome change from spam and sales emails, but cybersecurity experts warn scammers are now using fake Evite-style messages to steal email logins and quietly take over accounts.
The scam often looks harmless. The message appears to come from someone you know and asks you to check your spam folder for a party invitation. But clicking that link can give scammers access to your email, allowing them to spread the scam even further.
Linda Bayer says that’s exactly what happened to her.
“I see an Evite that came from a neighbor who just lives a couple of doors down,” Bayer said.
When she clicked the invitation, she didn’t land on a real RSVP page. Instead, she ended up on an email login screen and assumed signing in would let her view the details.
“I had typed in [my log-in details], but it didn't say that it was recognized and didn't take me to anything. And I thought, well, that's odd,” Bayer said.
She stopped there, but days later, her phone and email were flooded with messages.
“I started getting calls, started getting emails and texts from people I hadn't heard from in probably 15 years and maybe an old boyfriend or two who is still in my email,” she said.
Those contacts were asking if Bayer meant to send them an Evite. She hadn’t. Scammers had taken control of her email account and were using it to message her entire contact list, telling recipients to look for the invite or check their spam folders.
According to McAfee, that trust factor is what makes the scam so effective.
“Now you're getting an email from somebody you trust, right? And then you're curious to know what they have to say, in this case, Evite,” said Abhishek Karnik, McAfee’s head of threat research.
While the phishing emails don’t immediately ask for money, Karnik says that’s often the end goal.
“So it starts off as a very rudimentary way of collecting information. But then that can be utilized by other scammers. They might even sell your information online for instance,” Karnik said.
The more information scammers gather, the easier it becomes to build a believable story, one that can eventually lead to financial losses. Each hacked account becomes another tool, sending fake invitations to even more people and rapidly expanding the scam’s reach.
“Because once they get access to your account and they're able to spam other people, now they'll see it coming from your email address,” Karnik said.
WMAR-2 News sent the suspicious message to Evite, which confirmed it is not associated with the company.
Karnik advises people to slow down before clicking, closely inspect URLs, and check out the website’s “Contact Us” page to verify legitimacy. He also warns scammers can manipulate web addresses using look-alike characters that are nearly impossible to spot.
“Certain Russian characters look like an A, and they might replace that on the website. So it might look like Apple.com, but the A is not an English A, it's a Russian A,” Karnik said.
For Bayer, what should have been a simple RSVP has changed how she handles invitations altogether.
“You know, not exactly sure what to do, but definitely not clicking on any more invitations. So if you want to invite me to something, pick up the phone and call,” she said.
If you believe this has happened to you, experts recommend immediately changing your password, alerting your contacts that your account was hacked, and installing scam-detection or security software.
Click here for more information from McAfee on these invitation phishing attempts and how to protect yourself from online scams.