Nowadays, major web players employ invite-only strategy, the hot trend to promote their new web services and apps. The invite-only buzz resonates exclusivity, thus making the forbidden more attractive to young users. Google Inbox, the new email app is currently channeling this fad, getting users excited about invites.
However, we observe some security concerns with this trend, as we notice suspicious campaigns doing the rounds. Few of the users, with or without invite shares, are seen to post hostile links that redirects to unsafe websites or demanding email id’s to distribute invites.
Here is an imaginary scenario that describes what could happen with an excited user who responds to an anonymous link that claims to send an invite. Consider, Sara wants an invite to the new email service “INBOX” and John tweets that he has “INBOX” invites to share as in the pictures below,
Now, Sara looks at the tweet, clicks on the link, shares her personal details with John as instructed. Possibility is that the link itself could be malicious.
Supposing the link is not malicious, it’s uncertain, if Sara would receive a link which redirects to a malicious link or would receive an invite mail from John after giving her personal information.
Wear your safety goggles; don’t share personal data on public platforms and be suspicious of links to invite-only emails and messages from unknown sources.
Priyal Viroja & Archana Sangili, K7 Team
If you wish to subscribe to our blog, please add the URL provided below to your blog reader:
https://labs.k7computing.com/feed/
