Fake Google Calendar invites that look like they come from real sources are the latest trick scammers use to collect personal information. By altering the email headers, the scammers make these messages appear to come from official companies or acquaintances of the victim. While the attacks can take various forms, they all share a common element: a Google Calendar invite. Clicking the link usually leads victims to a site designed to gather personal details, which the scammers can use to carry out further attacks or even to request sensitive financial data directly.
Rise in Attack Frequency
Researchers have noted that these attacks have increased in recent weeks. Around 4,000 emails of this type were sent to unsuspecting targets over a four-week span, impersonating more than 300 different brands. Email scanning tools in services like Gmail and Microsoft Outlook started to detect these attacks at some point, prompting the criminals to adapt their strategies. Now, the fake links might direct users to pages using Google Forms or Google Drawings, and may even feature a phony reCAPTCHA screen. Ultimately, the goal is still to mislead the victim, who trusts the message's supposed sender, into providing sensitive information that the attackers can exploit later.
Recommendations for Users
After being informed about this scheme, Google recommended that users take advantage of Gmail's filtering rules and the "known senders" setting. These measures can help stop potential victims from accessing harmful emails in the first place. Until a more complete security solution is developed, the best defense is to stay alert and click only on links that come from trusted contacts or that were expected.
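A mail-triage check for the pattern described above, added here as an example and not taken from Check Point, Google or the original article: it parses a message, unfolds the calendar part, and flags invites whose links point at Google Forms or Google Drawings. The URL prefixes in `LURE_PATHS`, the From/ORGANIZER comparison (a weak signal on its own) and the sample message are assumptions constructed for illustration.

```python
import email
import re
from email import policy
from urllib.parse import urlsplit

# Assumption: URL locations of Google Forms and Google Drawings pages.
LURE_PATHS = {"docs.google.com": ("/forms/", "/drawings/"), "forms.gle": ("/",)}
URL_RE = re.compile(r"https?://[^\s<>\"')\\]+", re.I)
ORGANIZER_RE = re.compile(r"^ORGANIZER.*?:mailto:([^\s;]+)", re.I | re.M)

# Constructed sample: brand-style From header, invite link folded across two lines.
SAMPLE = b"\r\n".join([
    b"From: Example Bank <billing@bank.example>",
    b'Content-Type: text/calendar; charset="utf-8"; method=REQUEST',
    b"",
    b"BEGIN:VCALENDAR",
    b"BEGIN:VEVENT",
    b"ORGANIZER;CN=Example Bank:mailto:someone@mailer.example",
    b"DESCRIPTION:Confirm here https://docs.google.com/for",
    b" ms/d/e/CONSTRUCTED/viewform",
    b"END:VEVENT",
    b"END:VCALENDAR",
])

def is_lure(url):
    """True if the URL points at a Google Forms or Google Drawings page."""
    parts = urlsplit(url)
    prefixes = LURE_PATHS.get((parts.hostname or "").lower(), ())
    return any(parts.path.startswith(p) for p in prefixes)

def triage(raw_bytes):
    """Summarise the invite-phishing signals found in one raw message."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    sender = msg["From"].addresses[0].domain.lower()
    has_invite, organizer, urls = False, None, set()
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        text = part.get_content()
        if part.get_content_type() == "text/calendar":
            has_invite = True
            # Undo RFC 5545 line folding so wrapped URLs are matched whole.
            text = re.sub(r"\r?\n[ \t]", "", text)
            m = ORGANIZER_RE.search(text)
            organizer = m.group(1).lower() if m else organizer
        urls.update(u for u in URL_RE.findall(text) if is_lure(u))
    return {"has_invite": has_invite, "lure_urls": sorted(urls),
            "organizer_mismatch": bool(organizer) and not organizer.endswith("@" + sender),
            "suspicious": has_invite and bool(urls)}
```

Without the unfolding step the sample's link would be cut at the line break and missed, which is why the calendar part is normalised before URL extraction.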
Check Point | Dark Reading