813-999-0631 info@tetratos.com
This is how scammers are now abusing Google Calendar to pillage your data

June 11, 2019

Cyber attackers and scammers will try every trick in the book to lure you into parting with your information.

Data can be considered something of currency in itself; it can be sold on for profit in the underground, used to compromise online accounts, and in the worst cases, can be utilized for identity theft or making fraudulent purchases.

Software and web vulnerabilities are often exploited in attacks in order to collect data in bulk. Hardly a day goes by when you do not hear of yet another data breach with so-many-millions of records exposed.

On an individual level, the services we use on a daily basis are also of interest to scammers and attackers keen to get their hands on your information — and calendar systems are not exempt.

Calendar-based attacks and scams have been floating around the Internet for years, but it was only in 2016 when such schemes began to impact users in vast numbers. Apple device users began receiving notifications on their Calendar app, made possible through unprotected sharing mechanisms.

In one case noted by ZDNet, an advert for ‘Ray-Bans’ popped up and those that fell victim for the invite ended up having their credit card details stolen.

At the time, Apple rolled out a report function for spam notifications appearing in Calendar, Photos, and iMessage and later included a feature to turn off the automatic addition of events altogether. However, this patch-over only highlighted an ongoing problem impacting not just the iPhone and iPad maker, but Google and Microsoft too.

In the name of collaboration, invitations which appear on your calendar can be useful functions, especially for those in business and management. However, scam artists exploit what are usually valuable features for users.

Back in February, researchers from GreatHorn came across a Microsoft scam which used the spoofed name and email address of a chief executive at the company they were targeting.

Victims were sent a calendar invitation relating to a fake meeting organized by the ‘CEO,’ and those that clicked the link were taken to a phishing website designed to look like Microsoft Outlook for the purpose of stealing their account credentials.

Now, it appears scammers are targeting Google Calendar. Kaspersky researchers said on Monday that multiple cases of the latest invite scheme were detected throughout May, in which fraudsters sent unsolicited event invitations by abusing a “free online calendar service that adds invitations and events to users’ calendars automatically.”

The spam message blast exploited a smartphone-based feature for Gmail which automatically added and notified potential victims of the fraudulent calendar invitations.

These pop-up notifications were not as sophisticated as the aforementioned business scam which pretended to be legitimate communication from a CEO; rather, the invitations they connected to contained a phishing link which sent victims to a survey website offering money for questionnaire completion.

However, to receive their winnings, the victims would need to enter their credit card details alongside names, phone numbers, and addresses.

“The ‘calendar scam’ is a very effective scheme, as most people have become used to receiving spam messages from emails or messenger apps,” said Maria Vergelis, a security researcher at Kaspersky. “So far, the sample we’ve seen contains text displaying an obviously weird offer, but as it happens, every simple scheme becomes more elaborate and trickier with time.”

Calendar abuse isn’t going away anytime soon, but thankfully for Google Calendar users, there is an easy way to prevent these annoying — and often malicious — campaigns. Open up Google Calendar, click Settings, and uncheck the box next to “Events from Gmail / Add automatically.”

Related Articles

Stay Up to Date With The Latest News & Updates

Join Our Newsletter

Get weekly tech updates and immediate alerts when there is a zero-day or security issue!

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!

Pin It on Pinterest

Share This