Don't Get Duped by This Sneaky Google Calendar SpamDespite what that Google Calendar invite says, you probably didn't win a bunch of money.
ByJake Leary•
This story originally appeared onPCMag
Are you drowning in calendar invites from people you don't know? There might be an ominous reason: According to cybersecurity firm Kaspersky Labs, crafty scammers haveweaponized Google Calendarby taking advantage of a setting you probably didn't know about.
Google automatically allows anyone to send you invitations unless you dig into the app's settings menu and turn off the feature. This permits your new office mates to add you to weekly meetings or lets a potential friend invite you to coffee, but it also grants bad actors the same power.
根据卡巴斯基,垃圾邮件发送者可以nd you phony invitations with links to websites congratulating you on a recently discovered windfall. The calendar's topic and location fields typically include a short bit of enticing info about your suspiciously good luck to encourage you to keep clicking. If you move on, you'll face a page prompting you to enter banking or credit card information and a flimsy explanation as to why they need your money before they can pay you in full.
These phishing attempts seem obvious, but they have an advantage over traditional email scams. Maria Vergelis, a security researcher at Kaspersky, suggests the attack's novelty makes it dangerous.
"The 'calendar scam' is a very effective scheme, as currently people have more or less got used to receiving spam messages from e-mails or messengers and do not immediately trust them," Vergelis said. "But this may not be the case when it comes to the Calendar app, which has a main purpose to organize information rather than transfer it."
A similar scam hit Apple Calendarsin late 2016.
Kaspersky recommends turning off the "automatically add invitations" option in Google Calendar's Settings and deselecting the "show declined events" box in the nearby View Options menu. If you're still unsure how to navigate potential scams, check out PCMag's guide on how todetect and avoid phishingattempts.