Fake Google Calendar invites are the newest phishing trend

Fake Google Calendar invites that appear to be from legitimate sources are the newest attack vector for scammers looking to steal information. Thanks to some clever header modification, the emails are modified to look like they're coming from official sources, like companies, or somebody that the victim knows. There are a few different formats that the attack can come in, but what they all have in common is a Google Calendar invite. The link eventually leads the victim to a page that's meant to collect personal information that can be used to compromise attacks, or even ask the user to enter sensitive financial information directly. 

The attacks have become more common in the past few weeks, according to researchers. Some 4,000 emails of this nature have reportedly gone out to hopeful victims within a four-week period, spoofing over 300 different brands. The attack was began to be detected by email scanning tools built into products like Gmail and Microsoft Outlook at some point, so attackers have changed things up. The fraudulent links will sometimes lead to pages in Google Forms or Google Drawings, or even involve a fake ReCaptcha screen. The end goal remains the same; lead the victim, who trusts the alleged source of the message, to a page where they can enter sensitive info for the attackers to later use. 

Google was contacted about the grift, and advised that users employ Gmail's built-in filtering rules, as well as the "known senders" setting. This will help to prevent would-be victims from opening the emails in the first place. Until a more comprehensive security fix is in place, remaining vigilant and only opening links from trusted senders or links that were expected to come in, is the best possible defense.