You can now block invitation phishing attempts using Google Calendar

by Alexandru Poloboc
Alexandru Poloboc
Alexandru Poloboc
News Editor
With an overpowering desire to always get to the bottom of things and uncover the truth, Alex spent most of his time working as a news reporter, anchor,... read more
Affiliate Disclosure
  • Google comes to the aid of users and helps them fight hackers.
  • The latest changes made to the Calendar will surely be of use to us.
  • So, now it's easier to block unwanted Google Calendar invitations.
  • These invitations are used by threat actors to send unwanted content.
google calendar

Are you tired of all the invitations you are receiving via your Calendar and would like to also impede malicious third parties from setting you up for failure?

Well, Google now makes it easy to block unwanted calendar invitations, commonly used by threat actors in phishing and malicious campaigns, from being added to your Google Calendar.

In order for this to be achieved, the company improved the Automatically add invitations setting in the Calendar options.

Now, you can choose between having invitations automatically added to your calendar or only having them added if you have responded to the email event invitation.

Google modifies Calendar settings to prevent phishing

Google explained that these additional controls can help you manage your calendar with less manual work by ensuring unwanted events don’t appear, and you see only the events that are important to you.

The new feature started gradually rolling out at a Rapid Release pace to Google Workspace customers, G Suite Basic and Business customers, and users with personal Google Accounts.

About time, considering that Google has been working on a solution to block spammers from automatically spamming Google Calendar users with malicious invitations for some time now.

Many didn’t even notice this issue at first, while at the same time, some of these spam events were redirecting potential victims to phishing landing pages via malicious URLs.

The end goal of these attacks is to harvest the targets’ credentials or infect them with malware via malicious sites.

Such actions can actually reach millions of people, given the fact that Google Calendar is available on all desktop platforms as a web app and for mobile platforms via Android and iOS mobile apps.

To have an idea of the scale, the Google Calendar Android app alone has been downloaded 1,000,000,000 times, according to its Play Store entry.

So, imagining the magnitude of such an internet catastrophe isn’t really that hard. So make sure you are taking all security measures and keeping your sensitive information protected.

Have you ever received some sketchy Google Calendar invitations? Share your experience with us in the comments section below.

This article covers:Topics: