Cybercriminals often seem to find a way to fulfill their malicious intent and the new way in town is phishing via Google Calendar, popularly called Calendar Phishing.
As per a report by security firm Kaspersky, scammers are sending across phishing links to users via Google Calendar in Gmail, taking advantage of a setting on the Google app.
How Does Calendar Phishing Work?
It is suggested that Google Calendar comes with a default setting of adding invitations and events, even if a user has not responded to the invite. Users receive a pop-up notification for all events and invites when the date of the event approaches.
While users these days are likely to dismiss suspicious emails (thanks to all the increasing security awareness), phishing links via trusted apps such as Google Calendars tend to catch users’ attention and help the scammers succeed in their motive.
Cybercriminals, via phishing links, can get access to users’ important data, social security numbers, and banking details in order to extract money from them.
How to stop it?
However, there is still a way to stop the Calendar Phishing and users can follow simple steps to do so:
- First, users are required to click Google Calendar, select settings Gear icon, and head to the Event settings.
- Under the Event settings, go for the ‘Automatically add invitations’ option and select ‘No, only show invitations to which I’ve responded.’
- Following this, users need to ensure that they untick the ‘Show declined events’ option under the View options section.
In addition to this, users need to stay alert and not enter any personal information on the sites they find fishy and should use a reliable security solution to remain safe.