Watch out – that Google Calendar meeting invite could be dangerous malware

Check Point spots hackers sending fake Google Calendar invites
The invites point to a phishing page where they can lose sensitive information
Google recommends turning on “Known senders” feature in Calendar

Cybercriminals have been spotted impersonating Google Calendar, sending emails which look to steal victim’s private, and business, information.

A report from Check Point Security notes how the criminals would tweak the sender email header to make the message look as if it’s a Google Calendar invite coming from a known contact. In the body itself, they would add a .ics attachment, a calendar app file, together with a link to either Google Forms, or Google Drawings. On these links, the victims would then be asked to click on another link, which usually looks like a reCAPTCHA, or support, button.

This link would lead the victim to a website that looks like a cryptocurrency mining, or Bitcoin support site.

Successful attack

“These pages are actually intended to perpetrate financial scams,” Check Point Research said in its report. “Once users reach said page, they are asked to complete a fake authentication process, enter personal information, and eventually provide payment details.”

The campaign seems to have been a success, with Check Point claiming roughly 300 brands have been infected so far, and more than 4,000 phishing emails sent over the course of four weeks.

Commenting on the findings, Google said the best way to defend is to enable “known senders” in the Calendar. This feature helps, since it will alert the user when they get an invitation from someone who is not in their contacts list, or from someone with whom they’ve not interacted before.

“Known senders” aside, users should also use common sense, and just be careful when receiving any unsolicited message, particularly around those that come with attachments or links. If they are unsure if the message is legitimate or not, they should reach out to the alleged sender via other means, and confirm the authenticity of the received message.

https://cdn.mos.cms.futurecdn.net/P9BCkcvE234QLbvNoYkzcM-1200-80.jpg

Source link

Generative AI should be used to transform society, not put dogs in Van Gogh paintings

You can get the MacBook Air M2 at a record low price again at Amazon today

Tamworth vs Tottenham live stream: how to watch FA Cup free

Lenovo’s AI-driven prototype display continuously assesses your physical activity, but it says we shouldn’t worry

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

People are driving through flames to escape this California wildfire

New ‘Westworld’ trailer introduces us to another dystopian tech company

What’s the point of ‘Charlie’s Angels’ without Sam Rockwell dancing?

These striking photos capture the future of human flight

‘Heathers’ is still the best dark comedy about high school hell

Trump vs. Harris: How the election will affect EV adoption

Lumwana’s Super Pit Expansion Officially Launched By Investing.com

How Biden could use a 1947 law to suspend the dockworkers’ strike

Why your Roth IRA conversions could have ‘unintended’ tax consequences

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays

Watch out – that Google Calendar meeting invite could be dangerous malware

Generative AI should be used to transform society, not put dogs in Van Gogh paintings

You can get the MacBook Air M2 at a record low price again at Amazon today

Tamworth vs Tottenham live stream: how to watch FA Cup free

Lenovo’s AI-driven prototype display continuously assesses your physical activity, but it says we shouldn’t worry

Leave a reply Cancel reply