Online Threat Alerts (OTA) - Alerting you to scams and frauds.

Evite Scam Email - How to Protect Yourself

An Evite scam email is a phishing attack where scammers send fake invitations designed to steal your email login credentials or install malware on your device. Because they impersonate a familiar social event, they exploit your trust and curiosity to bypass your usual security defenses.

Top Red Flags

  • Generic Senders: The email arrives from a personal address (e.g., Gmail or Yahoo) rather than the official domain evite.com.
  • Unexpected Login: The invitation forces you to log in to an unknown page just to "see" who invited you or to view the details.
  • Suspicious Links: If you hover your mouse over the "RSVP" button, the URL leads to a random domain (like Cloudflare Pages or Google Storage) instead of evite.com or evite.me .
  • Odd Details: The event lacks specific details (e.g., "memory-making celebration") or comes from a person you haven't spoken to in years.

How to Stay Safe

  • Verify the Source: If an invite looks out of character, contact the sender via text, phone, or in person to confirm they actually sent it.
  • Never Enter Passwords: Official invitation platforms do not ask you to re-enter your email password just to see an event.
  • Inspect the Email Headers: In Gmail, click the three-dot menu, select "Show original," and verify that SPF, DKIM, and DMARC all show as PASS.

If You Clicked a Link

  • Change your passwords: Immediately log into your email account and change your password, especially if you typed it into the fake site.
  • Turn on 2FA: Enable two-factor authentication (2FA) for added security.
  • Scan for malware: Disconnect from the internet and run a full system scan using reputable antivirus software.
waiting