Cybercriminals have found a way to exploit Google Calendar to bypass its spam filters, leaving users vulnerable to phishing attacks.
A recent report by Check Point, a company specialising in cyber threat intelligence, revealed over 4,000 phishing emails were sent in just four weeks, targeting organisations like banks, healthcare providers, and universities.
These attackers use Google Calendar’s legitimate invitation system to deliver malicious links, making the spam appear genuine. Victims risk exposing sensitive information such as passwords and financial details if they interact with these invitations.
Dominik Tomaszewski / Foundry
To protect yourself, we recommend following these 10 tips to avoid all types of scams, including ignoring unfamiliar calendar invites, especially those containing suspicious links.
Always double-check email addresses and website URLs for subtle discrepancies, such as “@google.com” versus “@gooogle.com.” When in doubt, access websites directly through trusted search engines or by typing the URL manually.
Staying vigilant is critical as phishing scams grow in sophistication. Avoid engaging with unsolicited invites and remain cautious to safeguard your personal information against these evolving threats.
Also always use one of the best antivirus programs when downloading something from the internet. Beware though, as you should watch out for these antivirus scams as well.
