The IT security company Check Point Software reports that cybercriminals are now using Google Calendar in a new phishing campaign. Over 500 million users worldwide are at risk of being to be cheated out of money, have their information stolen and much more.
Google Calendar manipulation and phishing attacks
Due to Google Calendar's popularity with daily use for organizing schedules, it's not surprising that cybercriminals has targeted this tool. By manipulating the headers, emails appear to be sent via Google Calendar on behalf of a legitimate person. Approximately 300 brands have been affected by this campaign so far, and cybersecurity researchers observed 2,300 of these emails over a two-week period.
The emails contain a link or a calendar file (.ics) which leads to Google Forms or Google Drawings. Users are then prompted to click on another link, which is often a fake CAPTCHA or support button. After clicking on the link, the user is redirected to a landing page for mining cryptocurrency or a bitcoin support page. When users reach these pages, they are asked to complete a fake authentication process, enter personal information, and finally provide payment details.
Measures to protect yourself against phishing
“To avoid these types of phishing attacks, businesses should use advanced email security solutions,” says Fredrik Sandström, security expert at Check Point Software. They can detect phishing attempts, even when trusted platforms like Google Calendar have been compromised, by scanning attachments, URLs, and more. Behavioral analysis tools can detect unusual login attempts or suspicious activity, thus alerting users to phishing attempts.
Google Calendar: Security Tips – to improve safety in Google Calendar and how users can enable security settings to protect themselves against phishing.
Google's Phishing Protection – Here, Google explains its features to protect users against phishing via Gmail and other Google services.
Check Point Software has applied Google for a comment, and they respond: “We recommend users enable the 'known senders' setting in Google Calendar. This setting helps defend against this type of phishing by alerting users when they receive an invitation from someone who is not in their contact list and/or they have not interacted with from their email address before.”
Swedish
Danish
Norwegian
Finnish
English
German
Dutch