Google app defaults enabling calendar phishing attacks

Kaspersky Lab have warned that cyber criminals are currently sending malicious phishing links to victims via Google Calendar in Gmail. The new attack type is called ‘Calendar Phishing’. Perpetrators are exploiting a default setting on the Google app where Google Calendar adds invitations and events, regardless of whether the user has directly responded to the invitation or not. Victims then interact with the notification, as it is coming from a trusted app such as Google Calendars, making the phishing campaign surprisingly successful.

Other than ignoring such messages to prevent the risk of infection, users can prevent the notifications appearing by completing a few basic steps via the Google Calendar Event settings. Within this dropdown, users can select the ‘Automatically add invitations’ option and select ‘No, only show invitations to which I’ve responded.’ Finally, the ‘Show declined events’ option should be deselected under the ‘View options’ section. Rate this posting:

Captial Concierge The FM Store JobsXpress