In recent weeks, scammers have developed a new method of luring Google users into getting hacked without their knowledge. This is the Google Calendar notification scam that targets those individuals that use the Google calendar to accept an invitation. The invitation looks normal, but usually contains a link to accept the invitation. Some recent invitations have led users to an illicit website looking to steal personal information.
If the link in any document (email or calendar invitation) asks you to log into any account, this may be an indication of a fraudulent link. The recent attack, asked people to log into a website to verify the appointment, leading to credential stealing sites.
In the calendar invitation, the scammers can set the number of reminders to deliver the same message until the desired link is clicked or the invitation is deleted. There is even one calendar invitation that automatically adds the notification to the recipient’s calendar, when the invitation is opened.
Google Calendar users can help protect themselves against unwanted invitations by:
- Open Google Calendar’s settings and go to Event Settings, Automatically Add Invitations. Select the option “No, only show invitations to which I’ve responded”.
- Under View Options, make sure that “Show declined events” is unchecked, so malicious events don’t haunt you after declining them.
- If you think that you may have been a victim of a Google Calendar Cybersecurity Attack, contact your trusted Managed IT and Cybersecurity provider.
Founded in 2003, ELIJAH is a multi-award-winning leader in providing expert digital forensic, data security solutions, and managed IT. ELIJAH is owned and managed by former litigation partners and is an efficient boutique digital forensic, cybersecurity and IT solutions provider that makes clients’ lives easier through effective communication and white glove service. For additional information, please visit https://www.elijaht.com or call 866-354-5240.