Change this setting now to avoid Google Calendar phishing attacks!
Google Calendar is being targeted by hackers who are spoofing email headers to access users' private information. The scam could affect 500 million users, with sensitive personal and business information potentially stolen - but you can stay safe by changing a single setting.
How the Google Calendar Phishing Attack Works
The Google Calendar phishing campaign was first discovered by cybersecurity experts at Check Point Software.
Attackers send invitations that look like regular Google Calendar invites. To make the invitations look credible, they modify the email headers of the invitations to make them appear to be sent by a legitimate company or someone the target knows. Most of the invitations look exactly like regular Google Calendar invites, while others use a custom format.
The link in the invitation takes the target to a phishing page where the victim is asked to complete a fake authentication process, share personally identifiable information (PII) or business information, and in some cases, even share payment details. The stolen information is used for financial fraud, credit card fraud, identity theft, and other fraudulent activities.
After realizing that Google's email scanning was flagging these malicious calendar invitations, the attackers modified their campaign and began using Google Forms and Google Drawings. Sending calendar invitation files (.ics) with links to Google Forms or Google Drawings allowed them to bypass Google's security scans.
After the user opens the Google form, they are asked to click on another link that leads to a phishing page, disguised as a reCAPTCHA or a fake support page.
Change this Google setting to protect yourself!
Google recommends changing your 'known senders' settings in Google Calendar to protect yourself from this phishing and spoofing attack.
- Click the gear icon in the upper right corner of Google Calendar, then click Settings .
- On the left you will see the menu, click on Event Settings . Click on Add Invitations to My Calendar to access the drop-down menu.
- Now, click on Only if the sender is known .
Changing this setting will filter all invitations added to your calendar to only include invitations from people in the same company you work for (with the same domain), people in your contacts list, or people you've interacted with before. You'll also get a warning when you receive an invitation from someone who isn't on your list or who you've never interacted with before.
As with all of these attacks, avoid clicking on clicks if you don't know the sender. Even if the sender is someone you know, it's best to contact the person to double-check first, especially if the invite is for an event or surprise meeting.
You should read it
- Making Google Calendar more useful with these free calendar applications
- Instructions for using Calendar with Google Calendar in Windows 10
- Guide to managing jobs with Google Calendar in Gmail
- How to remove spam in Google Calendar
- 8 best Google Calendar alternatives to manage time
- 5 reasons to switch from Google Calendar to Notion Calendar
- 8 best calendar apps for iPhone
- 8 best free calendar apps for Android
May be interested
- Making Google Calendar more useful with these free calendar applicationsgoogle calendar is a popular productivity tool but also useful for other areas of life. you can make your calendar more interesting by adding one or more other applications.
- Instructions for using Calendar with Google Calendar in Windows 10the time when windows 10 debuted up to 1 week now, the time is not enough for us to explore and use all the features that this new operating system brings to users. and in the article below, tipsmake.com will introduce you how to use windows calendar software with google calendar!
- How to use the Like Italy Calendar - Van Nien Calendar 2020calendar like italy - calendar wan nien 2020 brings users the calendar of yin and yang lookup and comes with many new features.
- Guide to managing jobs with Google Calendar in Gmailto manage work more efficiently, users can immediately use the google calendar feature available on gmail. we can make calendars available, manage daily tasks even when available.
- How to remove spam in Google Calendarhundreds of google calendar users report that they receive event notifications that they didn't create. if you encounter this problem, please read the following article to remove spam in google calendar.
- Microsoft shows how to avoid trapping phishingmicrosoft has issued a warning and recommended ways to protect users of e-mail services ...
- 8 best Google Calendar alternatives to manage timemany people are loyal to google calendar when it comes to managing time and schedules. but not everyone. so where can you find a suitable replacement?
- How is Computer Vision used to detect phishing attacks?computer vision, computer vision, computer vision detects phishing attacks, computer vision detects phishing attacks, detects phishing attacks with computer vision
- Hackers use banks as a starting point for phishing attacksthe cybercrime attacks banks and financial institutions entering and using a compromised infrastructure to have access to specific goals in every region or country that is trending. increase.
- What is IPFS Phishing attack? How to avoid?while the interplanetary file system (ipfs) offers many benefits, it also allows cybercriminals to carry out malicious campaigns.