Beware of new phishing scam that’s attacking Google Calendar
No matter which corner of the internet you visit, you’ll find scammers trying to take advantage of you. You may already know to be skeptical of emails, Facebook posts, and dating profiles that seem too good to be true. And some times they even try to take control of our data – primarily the financial data – using the alleged calls from customer care executives. Quite frankly, no one is immune to receiving such unsolicited messages or emails. But thanks to their popularity, everyone knows the drill to safeguard themselves. Just don’t click on suspicious emails or links and don’t reveal your financial information to anyone and you are good to go. You know this. I know this and even scammers know this. And so now, reports are that there’s a new type of security threat that targets your Google Calendar.
Scammers are using Google Calendar and other calendar apps to target innocent users in a new type of phishing scam, according to a global security firm.
Findings from the threat intelligence firm Kaspersky show there’s been a recent wave of scam artists using hyperlink-embedded events to gain access to people’s sensitive information. They start by spamming Google Calendar users with seemingly benign calendar invites. Anyone can accept the invitations, but the real targets are users with the default setting that automatically adds every event they’re invited to to their Google Calendar. Once it’s been added, Google sends notifications related to the event, making it seem more trustworthy.
The scam is thought to have happened throughout May this year.
The fake invitations contained a malicious website link that encouraged users to input their personal details, often in the form of a simple questionnaire that promised the chance to win money or other prizes if completed.
Kaspersky researchers say that users can safeguard themselves by turning off the automatic adding of invites to your Google Calendar app.