New Phishing Campaign Exploits Google Calendar To Evade Filters

Researchers have identified a persistent phishing attack that is leveraging Google Calendar to circumvent security measures. The attackers are engaging in an aggressive campaign, targeting multiple organizations across different industries in a short period of time.

Phishing Campaign Exploits Google Calendar

As per a recent report from Check Point Research, a new phishing campaign is actively going after users worldwide. This phishing scheme exploits Google Calendar to bypass anti-spam filters and reach potential victims.

The attack initiates when users receive phishing emails containing malicious Google Calendar invites and links to Google Forms or Google Drawings. By utilizing legitimate Calendar domains, these emails can evade spam filters and land in users’ inboxes.

Upon opening the emails and interacting with the embedded links, users are directed to a fake reCAPTCHA page. Successfully passing through this phishing element leads users to another website controlled by the attackers, masquerading as legitimate services like Bitcoin support or crypto mining. Users are then prompted to enter financial information, which could be used for malicious purposes.

The researchers have provided detailed information about this attack methodology in their report.

Recommended Mitigations

While the attack may be sophisticated, individuals can protect themselves by being cautious about which emails they trust. It is essential to only click on emails from trusted sources, verify the legitimacy of email content through other means, and keep systems updated with the latest security patches to mitigate many threats.

Additionally, users should implement strong security practices to reduce the risk of falling victim to such attacks. This includes using security checks to alert users of third-party apps, implementing multi-factor authentication for secure logins, and utilizing robust email security solutions that can detect and block potential threats proactively.

For the specific campaign mentioned above, Google recommends users to enable the “known senders” setting in Google Calendar.

We recommend users enable the “known senders” setting in Google Calendar. This setting helps defend against this type of phishing by alerting the user when they receive an invitation from someone not in their contact list and/or they have not interacted with from their email address in the past.

Share your thoughts in the comments section below.