Spammers use Google Calendar to relay messages

March 20, 2008
Spammers are using Google Calendar to send spam meeting invites, according to two security companies.

The invitations are actually Nigerian advance-fee or lottery scams, experts said. The email invites are personalized, with a different link sent to each user, which makes URL-based filtering difficult.

“The invite comes in email as if to schedule an appointment,” Fred Touchette, senior security analyst for message security firm AppRiver, told on Thursday. “If you click [to] accept, it is added to your calendar and gives the spammers another opportunity to get at you again.”

The invitation is delivered as an .ics file, which could easily exploit a person's computer for malware, Touchette said.

It is difficult to discern the spam invitation from a valid one because the difference in the subject header is subtle, experts say.

In addition to Google Calendar - which is part of Google Apps - being used as a spamming vector, the junk mail is unusual because of the large volume sent so far.

According to anti-virus firm BitDefender, there is usually a testing phase to determine response rate first.

“While the spam was sent in large numbers, its relevancy is from the social engineering technical standpoint,” Vlad Valceanu, head of anti-spam research BitDefender told on Thursday. “It gains a lot of more traffic and credibility because it was sent by Google, a reputable source.”

This could increase the risk of infection, he said.

“People tend to believe in messages coming from Google,” he said.

prestitial ad