Change this setting now to avoid Google Calendar phishing attacks!

Google Calendar is being attacked by hackers who are spoofing email headers to access users' private information.

Google Calendar is being targeted by hackers who are spoofing email headers to access users' private information. The scam could affect 500 million users, with sensitive personal and business information potentially stolen - but you can stay safe by changing a single setting.

How the Google Calendar Phishing Attack Works

The Google Calendar phishing campaign was first discovered by cybersecurity experts at Check Point Software.

Attackers send invitations that look like regular Google Calendar invites. To make the invitations look credible, they modify the email headers of the invitations to make them appear to be sent by a legitimate company or someone the target knows. Most of the invitations look exactly like regular Google Calendar invites, while others use a custom format.

The link in the invitation takes the target to a phishing page where the victim is asked to complete a fake authentication process, share personally identifiable information (PII) or business information, and in some cases, even share payment details. The stolen information is used for financial fraud, credit card fraud, identity theft, and other fraudulent activities.

After realizing that Google's email scanning was flagging these malicious calendar invitations, the attackers modified their campaign and began using Google Forms and Google Drawings. Sending calendar invitation files (.ics) with links to Google Forms or Google Drawings allowed them to bypass Google's security scans.

After the user opens the Google form, they are asked to click on another link that leads to a phishing page, disguised as a reCAPTCHA or a fake support page.

Change this Google setting to protect yourself!

Google recommends changing your 'known senders' settings in Google Calendar to protect yourself from this phishing and spoofing attack.

Click the gear icon in the upper right corner of Google Calendar, then click Settings .
On the left you will see the menu, click on Event Settings . Click on Add Invitations to My Calendar to access the drop-down menu.
Now, click on Only if the sender is known .

Change this setting now to avoid Google Calendar phishing attacks! Picture 1 Change this setting now to avoid Google Calendar phishing attacks! Picture 1

Changing this setting will filter all invitations added to your calendar to only include invitations from people in the same company you work for (with the same domain), people in your contacts list, or people you've interacted with before. You'll also get a warning when you receive an invitation from someone who isn't on your list or who you've never interacted with before.

As with all of these attacks, avoid clicking on clicks if you don't know the sender. Even if the sender is someone you know, it's best to contact the person to double-check first, especially if the invite is for an event or surprise meeting.