The latest threat – which was discovered by the team at Check Point last month – is using Google Calendar alerts embedded within messages that can steal personal data.
There’s a worrying new email attack targeting Gmail users and you’d be wise to follow the latest advice from Google to make you stay safe.
To make the scam appear more convincing, hackers send out messages and calendar alerts that appear to come from well-known firms with some 300 brands thought to have been imitated to date.
Google is now aware of this new risk and is urging users to switch on the “known senders” setting in Google Calendar.
“This setting helps defend against this type of phishing by alerting the user when they receive an invitation from someone not in their contact list and/or they have not interacted with from their email address in the past.”
Firstly, hackers send out an email which includes a calendar file (.ics) with a link to Google Forms or Google Drawings. Users are then asked to click on another link, which is often disguised as a fake reCAPTCHA or support button.
After clicking, the user is forwarded to a page that looks like a cryptocurrency mining landing page or bitcoin support page.
These pages are actually intended to perpetrate financial scams. Once users reach said page, they are asked to complete a fake authentication process, enter personal information, and eventually provide payment details. It’s at this point hackers get access to accounts where they can steal money.
It’s a growing threat that shouldn’t be ignored, with Check Point saying researchers have spotted around 4,000 of these phishing emails in a four-week period.
