Kasperky discovers new phishing attacks on Gmail and Google Calendar users

Kasperky discovers new phishing attacks on Gmail and Google Calendar users

Gmail and Google Calendar users are at risk of phishing according to security researchers working at Kaspersky. The tech firm warned that scammers had found a loophole in the Gmail – Google Calendar integrated system to target even the most tech savvy people, by tricking you to click a link.

This is how the attackers go about the new phishing scam disclosed this week.

  • The Google Calendar allows anyone to schedule a meeting with any Gmail user as long as they have your email address.
  • The scammers schedule meetings and insert malicious links in the calendar invite.
  • Once the meeting is scheduled, Gmail automatically receives it and notifies you of the invitation with the normal popup.
  • Of course, you are not aware of any meeting with the said person, so as you read on you are tricked to click on the link sent as you seek more info.
  • The malicious link redirects to a credential stealing website where you may find a questionnaire or a poll, with a monetary incentive if you participate.
  • You will find yourself giving away your bank and credit card details without knowing

Next time that meeting invitation notification appears on your calendar, do not be too quick to follow it up especially when it contains a link for more details.

Author: Moshek Africa

Moshek Africa is a digital media research and development web service. The website offers informative content for a large audience interested in varied information. With a lot of interest in Kenya and the East African region tech, business, travel spaces, and Africa at large. It also covers universal content of interest to the world.