Google investigating Gmail-Calendar scam that can steal your cash

    Back in June, we told you about a scam involving the Gmail and Google Calendar apps. Criminals, taking advantage of a default feature that allows them to add invitations to a Calendar user’s schedule via Gmail, were creating fake events like wire transfers. The description of the event would note that an important piece of information, such as the bank account owner’s PIN number, was missing.
    A notification from the Calendar app would show up on the phone, and when tapped, would link to an official-looking form where the PIN number could be filled in and sent back to the scammer. And because the notification came from the trusted Google Calendar app, the victim would have no reason to question its authenticity.
    In another variation, a fake Calendar entry might say that the phone owner just won a contest and needs to provide his/her social security number for tax purposes. Again, a notification would appear on the phone and the target would tap on a link to reveal an official-looking document. The victim enters his social security number and his bank and brokerage accounts are subsequently drained.
    Google has finally taken notice of the scheme and recently put up a post on the Calendar Help page (via Forbes). The message reads, “We’re aware of the spam occurring in Calendar and are working diligently to resolve this issue. We’ll post updates to this thread as they become available. Learn how to report and remove spam.
    Thank you for your patience.” It is more than a little self-serving that Google refers to this as “spam” when the truth is that a real security threat has been identified. On the other hand, Google has included a useful link in its post that tells users what to do in case a suspicious event appears on their phone.
    Google warns users not to respond to event invites from their phone, Instead, from a desktop or laptop computer, you should open the desktop Google Calendar app at After double-clicking on the auspicious event, on the top of the screen tap on More Actions and then Report as Spam.

    The scam or security issue was first discovered by researchers back in 2017

    There is also a way to change the settings on Google Calendar to prevent this from happening to you. Go into the Google Calendar settings and under “Event,” change the setting from “Automatically add invitations” to “No, only show invitations to which I have responded.”
    At the same time, you should prevent Gmail entries from automatically adding events on the Calendar app by unchecking the box marked “Add automatically” under the “Events from Gmail” heading. These are changes that we told you to make back in June and now that Google is getting involved, you might want to take the time to protect yourself from this scam.
    The fact that Google is now looking into this indicates how dangerous the issue is. Outside of stealing money from unsuspecting consumers (who are trusting the Google name, we should point out), security codes and other secret information could be obtained by terrorists with a goal far more deadly than stealing some cash. First spotted by two researchers at Black Hills Information Security in 2017, the scam/security threat was not addressed by Google until a few days ago.
    The criminals trying to pull off this scheme are counting on the victims not paying attention to the notifications they are receiving. Blinded by prospects of receiving a bank wire or winning a contest, there are many phone owners who wouldn’t think twice about providing the requested information.
    Multiply this by the huge number of Gmail and Calendar uses and you can see why it is an enticing scheme for those who aim to separate people from their hard-earned money. Let’s just be glad that Google finally woke up before a plot more deadly was devised using two seemingly innocuous apps like Gmail and Calendar.

    Recent Articles

    Gmail’s dark mode is rolling out to Android phones. Turn it on now

    Here's how to turn on Gmail's dark mode in Android 10. With Android 10, Google lets you apply a system-wide dark theme...

    Google cracks down on some review rich results

    If your review rich results in Google search disappear, here is maybe why. Google announced it has applied an “algorithmic updates...

    ‘Pokémon GO’ Has Shiny Mewtwo Going Live Today, Remember Your Counters

    Ultra Bonus Week 3 has arrived as a result of the Global Community Challenge earlier this summer, and while the big news...

    Google Updates Search Algorithm to Reward Original News Reporting

    New algorithm and search rating guideline updates will focus on the first article about an event and...

    PhotoChromeleon Is A New Color-Changing Ink Developed By MIT

    A team of MIT researchers has managed to develop a sort of ink that can emit different colors depending upon the light...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox