It's never planned to be hacked, but malware appears to be infiltrating people's calendars.
A new report warns Google users that malicious actors are trying to infect Google Calendar, slides and documents with information-stealing software.
According to Wireda scam involving target users on Google Calendar, that includes invitations containing phishing links disguised as legitimate, whether placed in the event description or in the initial invitation email. targets.
“The standard Google Calendar invitation comes with a link to both the event itself and the list of guests. Events are also included as .IC file attachments for opening in the Calendar app.” Wired explained.
“On the other hand, the event itself comes with a Google Drive description and a link embedded in the file. All of these elements are available in some way by bad actors.”
Checkpoint A December report found thousands of phishing emails discovered by cybersecurity researchers, identifying roughly 300 brands affected by the scam.
meanwhile, Google Docs and Slides They are also hijacked by bad actors to quietly steal sensitive information.
Tom's Guide A new type of malware known as “AcrStealer” reports being infected with tools like Google Docs to access users' computer systems.
“One of the main ways Infostealers spreads is to use illegal software, so make sure you download the software through legitimate websites and sources,” says Tom's Guide. We also advised on keeping it up-to-date and using multifactor authentication. Keep your account safe.
“Be careful if someone sends you a link to download software from unknown or unexpected sources. Know phishing emails and signs of attacks and how to avoid them, and unforeseen links and attachments Please do not click on the file.”
Wired also recommends that users only invite and click on the links of invitations they expect or know to be authentic. The outlet also warned them to stop immediately if “links lead anywhere except Google Calendar.”
“Even if you think you're using Google Calendar, double-check the browser address bar to check,” the publication said, adding to keep track of the sender's email address constantly.
