
New Phishing Campaign Exploits Google Calendar To Evade Filters

by Abeerah Hashim

Researchers have observed an ongoing phishing attack that exploits Google Calendar to evade security filters. The attackers are running an aggressive campaign, targeting numerous firms from various sectors within a few weeks.

Phishing Campaign Exploits Google Calendar

According to a recent post from Check Point Research, a new phishing campaign is actively targeting users across the globe. This phishing campaign abuses Google Calendar to bypass anti-spam security filters and reach victims.

Specifically, the attack begins when the victim receives phishing emails containing malicious Google Calendar invites, with links that lead to Google Forms or Google Drawings. Because the emails exploit the legitimate Calendar domains, they will likely bypass spam checks and reach users’ inboxes.

Opening these emails and interacting with the embedded links takes the victim to another link with a fake reCAPTCHA. Passing through this phishing element takes the victim to another attacker-controlled website resembling legitimate services such as Bitcoin support or crypto mining. The victim is then asked to enter financial details on these web pages, which the attackers could use for any other malicious activity.

The researchers have shared the details about this attack strategy in their post.

Recommended Mitigations

While the attack seems tricky, it’s easy for anyone to avoid such threats if they know which emails to trust. Only clicking on emails from trusted sources, double-checking the legitimacy of the email content via other means, and keeping work systems up to date with the latest security patches can avoid many threats.

Moreover, users should also employ robust security best practices to minimize the probability of threats. These include deploying security checks to warn you of third-party apps, implementing multi-factor authentication to secure logins, and using robust email security solutions that proactively detect and block such threats.

For the above-mentioned campaign, Google asks users to enable the “known senders” setting in Google Calendar:

“We recommend users enable the “known senders” setting in Google Calendar. This setting helps defend against this type of phishing by alerting the user when they receive an invitation from someone not in their contact list and/or they have not interacted with from their email address in the past.”
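For mail administrators, the same idea can be applied at triage time. The following is an added example, not code from Check Point or Google: it parses an email, finds a calendar invite, and flags it when the organizer is not a known sender and the invite links to Google Forms or Google Drawings. The `known_senders` set, the URL patterns and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from urllib.parse import urlparse

# Assumption: share-link shapes for Google Forms and Google Drawings.
LURE = re.compile(r"^(docs\.google\.com/(forms|drawings)/|forms\.gle/)")
URL_RE = re.compile(r"https?://[^\s<>\"']+")
ORGANIZER_RE = re.compile(r"^ORGANIZER[^:\r\n]*:mailto:([^\r\n]+)", re.I | re.M)

# Constructed sample: a calendar invite whose link is folded across two lines.
SAMPLE = """\
From: notifier@calendar.example
Subject: Invitation: Account review
Content-Type: text/calendar; charset="utf-8"; method=REQUEST

BEGIN:VCALENDAR
BEGIN:VEVENT
ORGANIZER;CN=Support:mailto:unknown@example.net
DESCRIPTION:Confirm at https://docs.google.com/forms/d/e/CONSTRUCTED
 -ID/viewform
END:VEVENT
END:VCALENDAR
"""

def is_lure(url):
    """True when the URL points at a Forms or Drawings share link."""
    try:
        p = urlparse(url)
        return bool(LURE.match((p.hostname or "") + p.path))
    except ValueError:
        return False

def triage_invite(raw_email, known_senders):
    """Return a finding for the first calendar invite, or None if there is none."""
    for part in message_from_string(raw_email).walk():
        if part.get_content_type() != "text/calendar":
            continue
        raw = part.get_payload(decode=True) or b""
        ics = raw.decode(part.get_content_charset() or "utf-8", "replace")
        ics = re.sub(r"\r?\n[ \t]", "", ics)  # undo RFC 5545 line folding
        m = ORGANIZER_RE.search(ics)
        organizer = m.group(1).strip().lower() if m else None
        links = [u for u in URL_RE.findall(ics) if is_lure(u)]
        unknown = organizer not in known_senders  # stand-in for "known senders"
        return {"organizer": organizer, "unknown_sender": unknown,
                "links": links, "flag": unknown and bool(links)}
    return None

if __name__ == "__main__":
    print(triage_invite(SAMPLE, {"colleague@example.com"}))
```

Unfolding the invite before extracting URLs matters here: without it, the folded link would be truncated and could slip past the pattern check.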

Let us know your thoughts in the comments.
