New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research

Search

Google Calendar Scam

A new style of scam has been found that is trying to get users to share their Google calendar. Scammers are sending phishing emails inviting users to use a free calendar service that adds invitations and events to users’ calendars automatically. The spam email campaign targets mobile users that utilize the google calendar app. This new technique has evolved from the previous spam emails that were claiming that a CEO invited them to a meeting and to add the meeting to their calendars. This new campaign does not appear to be quite as advanced as previously found but will assuredly grow in complexity. Scammers use this stolen information to build profiles on users in an attempt to steal credentials, copy possible business information and even to perform identity theft. In a worst-case scenario. If an attacker knows the schedule of a user, then it is possible to perform physical attacks or even home invasions. While the latter two scenarios are extreme cases, the possibility is there.

Analyst Notes

There are several ways to thwart this style of attack. If a user receives this email, the sender should be verified prior to accepting any type of invite. Using Google Calendar, the user can go to the settings tab, and uncheck the box next to “Events from Gmail/Add Automatically.” Lastly, if the email is from an unsolicited source then simply delete the email.