Backup-Everything-UK-Cloud-Backup-Online-Backup-Remote-Backup

.

Kaspersky finds scammers abusing Google Calendar feature to lure consumers into sharing personal information

Woburn, MA – June 10, 2019 — /BackupReview.info/ — Kaspersky experts have detected multiple cases of a sophisticated scam targeting consumers through fraudulent, unsolicited Google Calendar notifications that lure them into giving away personal information. The attacks, which were observed targeting victims throughout May, abuse a specific feature of a free online calendar service that adds invitations and events to users’ calendars automatically.

Spam and phishing threats that exploit non-traditional attack vectors can be lucrative for criminals, as they can often successfully trick users who might not fall for a more obvious attack. This is particularly true when it comes to trusted legitimate services, such as email calendar features, which can be exploited through so-called “calendar phishing.”

Kaspersky observed multiple, unsolicited pop-up calendar notifications appearing for Gmail users during May. This turned out to be a result of a blast of sophisticated spam emails sent by scammers. The emails exploited a common default feature for people using Gmail on their smartphone: the automatic addition and notification of calendar invitations.

The fraud occurs when the perpetrator sends an unsolicited calendar invitation carrying a link to a phishing URL. A pop-up notification of the invitation appears on the smartphone’s home screen, and the recipient is encouraged to click on the link.

In most of the cases observed, the user was redirected to a website that featured a simple questionnaire and offered prize money upon completion. To receive the prize, the user was asked for a “fixing” payment, for which they need to enter their credit card details and add some personal information, including their name, phone number and address. Instead of being used to deliver the prize, this information went straight to the scammers who can exploit it to steal the victim’s money or identity.

“The ‘calendar scam’ is a very effective scheme, as most people have become used to receiving spam messages from emails or messenger apps,” said Maria Vergelis, security researcher at Kaspersky. “But this may not be the case when it comes to the Calendar app, which has a main purpose to organize information rather than transfer it. So far, the sample we’ve seen contains text displaying an obviously weird offer, but as it happens, every simple scheme becomes more elaborate and trickier with time. The good news is that it’s fairly easy to avoid such a scam – the feature that enables it can be easily turned off in the calendar settings.”

To avoid falling victim to malicious spam, Kaspersky researchers advise users to:

  • Turn off the automatic adding of invitations to your calendar. To do so, open Google Calendar, click the settings Gear Icon, then on Event Settings. For the ‘automatically add invitations’ option, click on the dropdown menu and select ‘No, only show invitations to which I’ve responded’. Below this, in the View Options section, make sure ‘Show declined events’ is NOT checked, unless you specifically wish to view these.
  • If you are not sure whether a website you are redirected to is real and safe, never enter personal information.
  • Use a reliable security solution for comprehensive protection from a wide range of threats, such as Kaspersky Security Cloud – https://usa.kaspersky.com/security-cloud

Read the full report on Kaspersky Daily.

About Kaspersky
Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at usa.kaspersky.com

Media Contact
Sarah Kitsos
sarah.kitsos@kaspersky.com
781.503.2615

Source: Kaspersky

 

 

 

General Tags: online backup, compare online backups, online backup news, top rated online backups, online data backup, online backup reviews, online file backup, CEO interviews, online file storage, data security, online backup companies, online backup providers directory, cloud computing, software as a service, data storage, SaaS, backing up online, online backup services

Like us on Facebook




===========================
Do you like this post? Subscribe to our RSS feed ===========================



Share/Save/Bookmark

Related posts:

  1. Number of Mobile Malware Attacks Doubles in 2018, as Cybercriminals Sharpen their Distribution Strategies
  2. Kaspersky Lab Spam and Phishing in Q2 2015 Report: Exploiting World Events and Targeting the Vulnerable with ‘$2 million’ Offers
  3. Cybercriminals Using Popular TV Shows to Spread Malware, Finds Kaspersky Lab
  4. Kaspersky Lab Patents Method to Protect Cloud Services from Cybercriminals
  5. Special Delivery: Cybercriminals Use Pirated Software to Secretly Infect PCs for Cryptocurrency Mining
  6. Kaspersky Lab Identifies Alarming Trend: Cybercriminals are Focusing Heavily on Businesses
  7. Carbonite Online Backup: Keep the Holidays Happy with Protection for Your Smartphone Photos & Videos
  8. Kaspersky Lab Finds Phishing Attacks Hit Almost 500 Million Users in 2018
  9. Phishers and Spammers Lurk Behind Thousands of Fake Flight and Accommodation Offers

Tags: ,