A technique of using Google Calendar invites and events as spam is gathering volume, according to researchers.
The mechanics are relatively simple: an attacker crafts an unsolicited calendar invitation carrying a link to a phishing URL, which is sent to the user's Gmail or G Suite address. By default, smartphone Gmail will automatically add events to the calendar and notify the user via a popup. If users click the link, they are taken to a phishing site or malware is downloaded directly. As the popups appear to originate from the trusted Google Calendar app, users are much more likely to interact with them, and Gmail spam filters are sidestepped by the association too.
"Cybercriminals send targets an unsolicited calendar invitation carrying a link to a phishing URL," explained Kaspersky researcher Maria Vergelis, in a recent blog post. "A pop-up notification of the invitation appears on the smartphone's screen, and the recipient is encouraged to click on the link. The website where they are directed then tells victims to enter their credit card details and add some personal information, which is sent straight to the scammers."
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.