Phishing scam targets Google Calendar users
Security researchers say cyber criminals are increasingly using Google Calendar invitations to lure internet users to phishing sites.
Security researchers from Check Point report that cyber criminals are increasingly using Google Calendar invitations to lure internet users to phishing sites: over a period of four weeks alone, around 4,000 such invitations were received by employees of around 300 companies. According to the start-up Calendly, around 500 million internet users use Google Calendar, which is available in 41 languages. The number of potential victims is correspondingly high.
The attackers modify the email headers so that the phishing emails look like Google Calendar invites from people known to the recipients. The emails usually contain an .ics calendar file, as is typical of calendar invitations, with a link to a Google form. Clicking that link leads to a request to click on a second link, which is disguised as a support button or reCAPTCHA. Anyone who falls for it ends up on a phishing website that looks like a Bitcoin support or mining website and asks for personal data and payment information as part of an authentication process. Users who are still not suspicious at that point are playing into the hands of the attackers.
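A defender-side check for the invitations described above, as an added example that is not from the article or from Check Point: it unfolds an .ics attachment, extracts every link and flags those pointing to Google Forms. The sample invite, the function names and the Google Forms host heuristic (`docs.google.com/forms`, `forms.gle`) are assumptions.

```python
import re
from urllib.parse import urlparse

# Constructed sample invite, not taken from a real campaign.
# The DESCRIPTION line is folded (RFC 5545) in the middle of the URL.
SAMPLE_ICS = (
    "BEGIN:VCALENDAR\r\n"
    "VERSION:2.0\r\n"
    "BEGIN:VEVENT\r\n"
    "SUMMARY:Account verification\r\n"
    "ORGANIZER;CN=Colleague:mailto:colleague@example.com\r\n"
    "DESCRIPTION:Please confirm here: https://docs.google.com/forms/d/e/EXAMP\r\n"
    " LE-ID/viewform\\nThanks\r\n"
    "URL:https://calendar.google.com/calendar/event?eid=EXAMPLE\r\n"
    "END:VEVENT\r\n"
    "END:VCALENDAR\r\n"
)

URL_RE = re.compile(r"https?://[^\s<>\"']+")
# Simplification: parameter values containing a quoted ':' are not handled.
PROP_RE = re.compile(r"^([A-Za-z0-9-]+)(?:;[^:]*)?:(.*)$")

def extract_links(ics_text):
    """Return (property, url) pairs for every http(s) link in the calendar file."""
    # Unfold: a line break followed by one space or tab continues the previous line.
    unfolded = re.sub(r"\r?\n[ \t]", "", ics_text)
    links = []
    for line in unfolded.splitlines():
        m = PROP_RE.match(line)
        if not m:
            continue
        name, value = m.group(1).upper(), m.group(2)
        # Undo TEXT escaping so an escaped "\n" ends a URL instead of joining it.
        value = re.sub(r"\\([nN,;\\])",
                       lambda e: "\n" if e.group(1) in "nN" else e.group(1), value)
        for url in URL_RE.findall(value):
            links.append((name, url.rstrip(".,);")))
    return links

def is_google_form(url):
    """Assumed heuristic: Google Forms long links and the forms.gle short domain."""
    parts = urlparse(url)
    host = (parts.hostname or "").lower()
    return host == "forms.gle" or (
        host == "docs.google.com" and parts.path.startswith("/forms"))

def flag_form_links(ics_text):
    """Return only the links that point to a Google Forms page."""
    return [url for _, url in extract_links(ics_text) if is_google_form(url)]
```

A flagged link is a reason to review the invitation, not proof of phishing, since legitimate invitations can also link to forms.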
"Known sender" setting helps with detection
To protect against such phishing attempts, Google recommends activating the "known senders" setting. The calendar tool then flags invitations from strangers who are not in the contact list or with whom there has been no previous email contact.
In addition to Google's recommendation, the authors of the Check Point blog post name further measures to protect against such fraud attempts: unusual requests such as solving a reCAPTCHA are strong indications that something is wrong with an invitation. They also recommend not clicking on links blindly, but instead looking at the link preview and, if necessary, opening the URL named in an email in the browser yourself.
It is also always a good idea to secure internet accounts with two-factor authentication. This can help to protect access to sensitive data and accounts in the event that some of the access data, such as user name and password, does fall into the hands of cyber criminals as part of a phishing attack or data leak.
(kst)