TECH
![Cibercriminosos usam calendário no celular para dar golpes - Photo by Estée Janssens on Unsplash]({"default":{"load":"default","w":"80","h":"31","src":"//img-s-msn-com.akamaized.net/tenant/amp/entityid/AADlH46.img?h=314&w=799&m=6&q=60&o=f&l=f"},"size3column":{"load":"default","w":"62","h":"24","src":"//img-s-msn-com.akamaized.net/tenant/amp/entityid/AADlH46.img?h=245&w=624&m=6&q=60&o=f&l=f"},"size2column":{"load":"default","w":"62","h":"24","src":"//img-s-msn-com.akamaized.net/tenant/amp/entityid/AADlH46.img?h=245&w=624&m=6&q=60&o=f&l=f"}})
Cybercriminals use calendar on cell phone to hitKaspersky experts have detected a sophisticated scam made through unsolicited fraudulent notifications in Google Calendar that trick users into providing personal information. This technique uses a free calendar service that automatically adds invitations and events to users' calendars. The attacks occurred throughout the month of May.
Spam and phishing scams that exploit unconventional attack vectors can be profitable for criminals as they are able to catch up with savvy users who would not be fooled by a common threat. This is especially true when using legitimate and trusted services, such as the standard email calendar features explored by calendar phishing.
It was found that the various unsolicited notifications in the calendars that were detected during the month of May are the result of a wave of sophisticated spam sent by scammers. The emails exploited a common feature common to those who use Gmail on their mobile phone: automatic addition and notification of calendar invitations. Fraud begins with sending an unsolicited calendar invitation containing a link to a fake page. A pop-up notification appears on the smartphone home screen and the user is encouraged to click the link.
In most of the observed cases, the user was redirected to a site where there was a simple questionnaire and a cash prize. In order to receive it, the victim must make a "correction" payment by providing personal and credit card information such as name, telephone number, and address. These data go directly to the scammers, who use them to steal money or their identity.
"The" calendar hit "is a very effective scheme as people have become more or less accustomed to receiving spam by email or instant messaging and no longer trust them. However, this may not happen when it comes to the Agenda application, whose main purpose is to organize information and not transfer it. So far, the text of the samples we have presented has a clearly odd offer, but in fact, all schemes become more elaborate and efficient over time. The good news is that no sophisticated precaution is needed to avoid this blow. You can easily disable the feature in calendar settings, "explains Maria Vergelis, a security researcher at Kaspersky. Kaspersky
No comments:
Post a Comment