Invitation email to 'end of year event' contains malicious phishing link

Posted by Akankasha Dewan on 12 December 2019 12:57:56 AEDT

MailGuard has intercepted a phishing email scam masquerading as an e-invite to an ‘end of year event’.

First detected on 10th of December afternoon (AEST), the email is infiltrating inboxes using the subject ‘Invitation to our end of year event’. From the samples MailGuard has seen, the ‘From’ and ‘To’ fields of the email contain the same email address.

The email body contains the Adobe Document Cloud logo. It informs recipients that the sender has “sent you a download link for “Invitations.pdf”. A link is provided for users to ‘open’ the invitation. The email ends with a thank you note supposedly from ‘The AdobeCloud team’.

Here is a screenshot of the email:

Invitation email

Unsuspecting recipients who click on the link to ‘Open’ the invite are then led to a fake Droplr-branded page containing the popular cloud-based file sharing platform’s logo. It informs users that to view the invite, they need to ‘access OneDrive’.

Here is a screenshot of the page:

DANGERFIELD-INVITED.pdf • Droplr - Mozilla Firefox_175

Clicking on the link to ‘access document’ then leads users to another page, this time using fake ‘OneDrive’ branding. Users are advised that ‘to read the document’ they are to choose their respective email providers and log in to their accounts.

Here is a screenshot of the page:

Dangerfield_One Drive - Mozilla Firefox_176

This is a phishing site designed to harvest users’ confidential details like their username & password.

MailGuard advises all recipients of this email to delete it immediately without any links.

While the phishing pages of this scam utilise high-quality branding elements of OneDrive (including its logo), the actual email contains several red flags that should alert users to its illegitimacy like spacing & formatting errors.

Festive periods such as Christmas & New Year are a common time for cybercriminals to hit inboxes with email scams. They exploit distracted professionals who are in a rush to finish pending tasks before going on their holiday break.

Because of the festive season, it’s not uncommon to receive an e-invitation to the end-of-year festivities such as this in your inbox. Cybercriminals behind this scam are banking on the timely nature of this email to trick users, who might actually be expecting such invitations this time of the year. This scam is a good reminder of the critical need to always be vigilant when clicking on any emails and be constantly on the lookout for any red flags.

What to look out for

As a precaution, avoid clicking links in emails that:

  • Are not addressed to you by name, have poor English or omit personal details that a legitimate sender would include (e.g. – tracking ID).
  • Are from businesses you’re not expecting to hear from.
  • Ask you to click on any suspicious links.
  • Take you to a landing page or website that does not have the legitimate URL of the company the email is purporting to be sent from.

Defend your inbox

Even the most experienced and savvy email users can have a moment of haste, carelessness or fatigue when their guard is down. Just practising good common sense isn’t enough anymore, because for scammers it’s a numbers game; they know that if they keep sending their scams, sooner or later we will slip up and do something we shouldn’t.

Extortion phishing scams can be enormously costly and destructive, and new scams are appearing every day. Don’t wait until it happens to you or someone in your business; take action to protect your inboxes, now.

Speak to the MailGuard team today to learn more how MailGuard's predictive and advanced email security can help protect your business for a few dollars per staff member per month. 

Talk to a solution consultant at MailGuard today about securing your company's network. 


Why not stay up-to-date with MailGuard's latest blog posts by subscribing to free updates? Subscribe to weekly updates by clicking on the button below.

Keep Informed with Weekly Updates



Topics: Phishing brand exploitation brandjacking fraud ZeroDay spoofing fastbreak Microsoft Office 365

Back to Blog


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all