In a way, the efficiency that has made Google the technological powerhouse that it currently is has ended up being the very thing that malicious actors are exploiting in order to get the credentials of specific Gmail and Google Calendar users. The integration between these networks is a flaw that malicious actors are using. The way the scam works is that you will receive a fake notification from Google Calendar which, if you click it, would lead to a loss of data that would be stolen by the malicious actors responsible for this cybercrime.
Since users trust Google Calendar and other such apps, seeing a suspicious link is probably not going to raise any alarm bells so a lot of users are potentially going to suffer due to this kind of cybercrime. However, the fact that Google has notified its users of this kind of thing occurring is heartening because of the fact that it shows that the tech giant is taking active steps to try and prevent these cyber attacks from having too much of an impact on its user base.
Kaspersky advises users to turn off the automatic adding of calendar invitations by going to the “Event Setting” menu in Google Calendar and disabling the “automatically add invitations” option by enabling the “only show invitations to which I’ve responded” one instead. Furthermore, it is advised that “Show declined events” in the View Options section is also left unchecked.”, explained Davey Winder.
Sources: / .