New Threat Research: MalSync Teardown: From DLL Hijacking to PHP Malware for Windows  

Read Threat Research

Search

Phishing Campaign in GMX Calendar Invites

Calendar appointments are being methodized in a new phishing campaign. Similar to email phishing campaigns, but this one arrives via a phony calendar invite email containing fake dates. There are three different ways the scam has been seen. The first time when the calendar appointment invitation is sent to users via email, the second time when it marks as an entry in the calendar, and the third time when the calendar appointment sends a reminder. One might think that a simple solution would be to just ignore the invitation, but that is not the case here. Even if the invitation is ignored, the spammer is still notified that the calendar notification was acknowledged by an active account, which will open up door for the spammer to send more mail in the future.

Analyst Notes

Although this campaign is currently only being seen through GMX’s email service, it does not mean other email services will not be targeted. To help mitigate the issue, users should create a new calendar then direct the calendar spam mail to that newly created calendar, and then delete the entire calendar itself.