While software manufacturers And application developers continue to make their goods safer and less open to attacks, you can never be complacent with digital security – and you must be aware of all the different attack methods that bad players use to get on your accounts.
These methods include targeting the Google calendar: such a basic application and every day, you might never think that it could be used to channel malware in your direction. But with millions of users from around the world and a reliable technological brand name behind, Google Calendar is a pirate and crooked platform that is aimed regularly.
The ways in which the Google calendar can be targeted varies, but there are certain common themes through these types of attacks – and certain general rules that you can respect to minimize your chances of being taken.
How does the malware of the Google calendar work
The majority of the scams of the Google calendar involve links to fraudulent websites designed to deceive you with personal details: the classic digital con. These links can be integrated into event descriptions of the Google calendar, either in emails supposed to be invitations to the Google calendar: in both cases, a lot of care will be taken to ensure that the links appear normal and authentic .
An invitation from Google Standard calendar is delivered with links both to the event itself and to the guest list – the event is also included as an attachment. Ics to open in a calendar application. The events themselves, on the other hand, can be delivered with links integrated into the description and the files of Google Drive attached. All these elements can be enjoyed in one way or another by bad actors.
Take the recent security vulnerability reported by check point As an example: the attack works by usurping a real Google calendar invitation by e-mail. Respond to the invitation leads to a recaptcha form or a support button – and after that, the targeted target is invited to enter personal information on an official website, details which can then be used to access other accounts or make unauthorized purchases.
Invitations to the Google calendar were always used To try to dump users, and if you are in an organization with many meetings and appointments to follow the dangerous, the dangerous can easily blend with the authentic. In addition to that, hackers can take advantage of the information they have on your business or contacts to make the invitations more plausible – from the names of the managers to the addresses of the offices.
