
Summary
This detection rule identifies suspicious Google Groups invitations that may carry sexually explicit content or other patterns associated with spam. It specifically monitors invitations from non-organizational email domains to filter out potential spam. The rule focuses on the email subject line, looking for phrases that usually accompany notification emails, such as 'Invitation to join' or 'You have been added to'. It uses regex patterns to detect explicit keywords that indicate likely spam content. If such patterns are found in the subject line or in the body of the invitation email, it performs further checks, including whether the sender is from a recognized organizational domain and whether the group name is structured suspiciously (e.g., random alphanumeric strings or certain call-to-action phrases). Additionally, it flags invitations with excessive emoji usage or links leading to potentially inappropriate content. Content analysis and sender analysis are combined for detection, establishing a baseline of what constitutes safe versus malicious invitation practices.
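A simplified reimplementation of the heuristics described above, added here as an example and not the rule's own code: the organizational domain allow-list, the explicit-keyword list, the group-name length and the emoji threshold are assumptions, since the page does not give the rule's actual values, and the sample invitations are constructed.

```python
import re
from dataclasses import dataclass

ORG_DOMAINS = {"example.com"}  # assumed org allow-list; hypothetical, not from the rule
# Subject phrases that accompany Groups invitation notifications (named on the page).
INVITE_SUBJECT_RE = re.compile(r"invitation to join|you have been added to", re.I)
# Placeholder explicit-keyword list; the rule's real keyword regex is not on the page.
EXPLICIT_RE = re.compile(r"\b(xxx|adult|nsfw)\b", re.I)
RANDOM_NAME_RE = re.compile(r"^[A-Za-z0-9]{10,}$")  # bare alphanumeric group names
CTA_RE = re.compile(r"\b(click here|join now|verify)\b", re.I)  # call-to-action names
EMOJI_RE = re.compile("[\U0001F300-\U0001FAFF\u2600-\u27BF]")
LINK_RE = re.compile(r"https?://\S+", re.I)
EMOJI_THRESHOLD = 3  # assumed; the page does not state the rule's threshold

@dataclass
class Invite:
    sender: str
    subject: str
    body: str
    group_name: str

def evaluate(inv: Invite, org_domains=ORG_DOMAINS) -> list[str]:
    """Return the names of triggered indicators; an empty list means no alert."""
    if not INVITE_SUBJECT_RE.search(inv.subject):
        return []  # not a Groups invitation notification: out of scope
    if inv.sender.rsplit("@", 1)[-1].lower() in org_domains:
        return []  # organizational sender: treated as benign by the rule
    text = f"{inv.subject}\n{inv.body}"
    hits = []
    if EXPLICIT_RE.search(text):
        hits.append("explicit_keyword")
    if RANDOM_NAME_RE.match(inv.group_name) or CTA_RE.search(inv.group_name):
        hits.append("suspicious_group_name")
    if len(EMOJI_RE.findall(text)) >= EMOJI_THRESHOLD:
        hits.append("excessive_emoji")
    # Links are judged by their URL text only; destinations are never fetched.
    if any(EXPLICIT_RE.search(url) for url in LINK_RE.findall(inv.body)):
        hits.append("suspicious_link")
    return hits

# Constructed sample invitations, not real messages.
SAMPLES = [
    Invite("promo@free-mail.example", "Invitation to join 🔥🔥🔥 hot adult group",
           "Open http://free-mail.example/xxx now", "a8f3k2j9d0q"),
    Invite("it-admin@example.com", "Invitation to join Engineering",
           "Welcome aboard.", "engineering-team"),
    Invite("friend@free-mail.example", "You have been added to Book club",
           "We meet monthly.", "book-club"),
]
```

Running `evaluate` over `SAMPLES` flags only the first invitation, on all four indicators; the organizational sender and the plain book-club invite produce no alert.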
Categories
- Web
- Cloud
- Application
Data Sources
- User Account
- Process
Created: 2025-01-09