You’ve just received a Google Calendar invite from your CEO to join a major client meeting. Like any employee, you click the link to confirm your attendance. An hour later you see your CEO about another task and, at the end of the conversation, you mention the Google Calendar invitation. Your CEO says, “What calendar invite?”
Turns out he sent none and you’ve just become another victim of a large-scale phishing scam.
Such phishing scams have been on the rise and are specifically targeting Google Calendar invites and Google Drawings.
Google Calendar is used by over 500 million people and is available to use in 41 different languages.
Now, threat actors have found a way to exploit Google Calendar, systematically bypassing spam filters and tricking users into clicking malicious links.
Phishing Targets Over 300 Brands
Check Point has recently discovered that hackers have been targeting 300 brands with over 4,000 emails sent in 4 weeks in a new phishing campaign.
Check Point told Bleeping Computer that the attacks targeted a broad range of companies, including educational institutions, healthcare services, building companies, and banks.
The phishing attacks involve hackers using Google Calendar to send seemingly innocuous meeting invites. These invites often include familiar names among the guests, making them appear legitimate.
The attack hinges on the links embedded in the invites, which take the victim to either Google Forms or Google Drawings.
That page then prompts the victim to click another link, which is usually disguised as a reCAPTCHA or support button, according to Bleeping Computer.
Google Calendar User-Friendly Features Exploited
In an attempt to steal the personal information of corporate users, hackers have adopted a highly adept approach to fooling users.
After stealing personal information, cybercriminals usually sell it to bidders such as advertisers, marketing and data firms, or other unauthorised parties.
Check Point says that these phishing attacks initially exploited the user-friendly features inherent in Google Calendar, with links connecting to Google Forms.
However, after observing that security products could flag malicious Calendar invites, cybercriminals evolved the attack to align with the capabilities of Google Drawings.
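For defenders, the chain described above (a Calendar invite whose link leads to Google Forms or Google Drawings) can be turned into a mail-gateway triage check. The following is an added example, not code from Check Point or from the original article: it unfolds an iCalendar (.ics) invite, extracts its URLs and flags Forms or Drawings links. The sample invite, the function names and the choice of URL patterns (docs.google.com/forms, docs.google.com/drawings, forms.gle) are assumptions made for illustration.

```python
import re
from urllib.parse import urlparse

# Constructed sample invite (not taken from the campaign). The DESCRIPTION
# value is folded across two physical lines, which RFC 5545 permits.
SAMPLE_ICS = (
    "BEGIN:VCALENDAR\r\n"
    "BEGIN:VEVENT\r\n"
    "SUMMARY:Client meeting\r\n"
    "ORGANIZER;CN=Example CEO:mailto:ceo@example.com\r\n"
    "DESCRIPTION:Please confirm here: https://docs.google.com/drawi\r\n"
    " ngs/d/EXAMPLE_ID/preview\\nAgenda: https://example.com/agenda\r\n"
    "END:VEVENT\r\n"
    "END:VCALENDAR\r\n"
)

URL_RE = re.compile(r"https?://[^\s<>\"']+")

def unfold(ics):
    # RFC 5545 3.1: a line break followed by a space or tab continues the line.
    return re.sub(r"\r?\n[ \t]", "", ics)

def unescape(text):
    # RFC 5545 TEXT escapes: \n or \N is a newline; \, \; \\ are literals.
    return re.sub(r"\\([nN,;\\])",
                  lambda m: "\n" if m.group(1) in "nN" else m.group(1), text)

def classify(url):
    # Return which Google service a link points to, or None if neither.
    parts = urlparse(url)
    host = (parts.hostname or "").lower()
    if host == "forms.gle":
        return "google-forms"
    if host == "docs.google.com":
        if parts.path.startswith("/forms/"):
            return "google-forms"
        if parts.path.startswith("/drawings/"):
            return "google-drawings"
    return None

def flag_invite(ics):
    # Unfold first: a URL split by line folding would otherwise be missed.
    text = unescape(unfold(ics))
    urls = (u.rstrip(".,)") for u in URL_RE.findall(text))
    return [(classify(u), u) for u in urls if classify(u)]

if __name__ == "__main__":
    print(flag_invite(SAMPLE_ICS))
```

Legitimate invites also link to Google Forms, so a hit is a triage signal to combine with other checks (for example, an organizer outside your own domain), not a verdict on its own.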