Users of Google’s Calendar app are being warned about a scam that takes advantage of the popularity of the free service and its ability to schedule meetings easily.
In business, we schedule meetings all the time. One-off calls, recurring weekly updates, and the like. The latest warning from researchers at Kaspersky indicates the bad guys are using unsolicited Google Calendar notifications to trick user into clicking phishing links.
Here’s how it works:
Scammers send a Google user a calendar invite complete with meeting topic and location information. Inside the details of the appointment lies a malicious link that looks like it’s pointing you back to meet.google.com for more details. Once clicked, it’s back to the usual tactics of trying to infect the user’s endpoint with malware and so on.
This kind of attack has a massive attack surface, given the number of users utilizing Google’s Calendar service. It also has that contextual appeal by being hidden within a meeting invite and uses a seemingly valid URL for more information.
Users have long been warned about their interaction with email and the web. Now it’s important to add Calendar invites to the list. Organizations utilizing Security Awareness Training have users that are continually up to date on the latest attack types. This latest method demonstrates how attackers are continually updating their tactics, requiring organizations to remain equally persistently educated to enable users to make smarter security decisions.