Previous All Posts Next

New Scam Targets 1.5 Billion Gmail Calendar Users

Posted: July 11, 2019 to News.

Tags: Malware, Data Breach, Compliance

Scammers are using Google's Calendar app to trick users into clicking on phishing links that upload malware hidden in a java script. Over 1.5 billion users are at risk. Scammers send a calendar invite complete with meeting topic and location to fool users into clicking the innocent and valid looking link poised to send them more meeting details. Phishing is still the #1 threat action used in social engineering attacks, and spear phishing in particular, takes advantage of your users’ socially networked lives says KnowBe4. Users can now add Calendar invites to their list of risks. Security awareness training helps organizations minimize their risk of viral infiltration by educating staff about the details of current hacker tactics. Calendar invites need to be added to current awareness training and reinforces the need for continual diligence on the part of an organization's IT security team. Especially given the fact that automated security tactics like email filters have a 10% failure rate.

Related Articles

FBI Issues Warning for Gmail, Outlook, AOL, and Yahoo Users FBI Issues Warning for Gmail, Outlook, AOL, and Yahoo Users Top 3 MFA Bypass Attacks: MFA Fatigue, Token Theft, and Machine-in-the-Middle Attacks Top 3 MFA Bypass Attacks: MFA Fatigue, Token Theft, and Machine-in-the-Middle Attacks Securing Microsoft 365 to Defend Against Machine-in-the-Middle (MitM) MFA Attacks Understanding and Defending Against MFA Machine-in-the-Middle (MitM) Attacks
Craig Petronella
Craig Petronella
CEO & Founder, Petronella Technology Group | CMMC Registered Practitioner

Craig Petronella is a cybersecurity expert with over 24 years of experience protecting businesses from cyber threats. As founder of Petronella Technology Group, he has helped over 2,500 organizations strengthen their security posture, achieve compliance, and respond to incidents.

LinkedIn Twitter About
Related Service
Need Cybersecurity or Compliance Help?

Schedule a free consultation with our cybersecurity experts to discuss your security needs.

Schedule Free Consultation
Previous All Posts Next