Saturday, October 1, 2022

HACKERS USING CALENDARS FOR PHISHING ATTACKS

Phishing attacks have been around for years and they never seem to go away. The latest phishing technique is to fool users into thinking they’re receiving an email invite to schedule a meeting when in reality the email is a phishing email designed to steal credentials.

The attack begins with an email generated on the calendar platform. It tells the recipient that a meeting has been scheduled and gives the date and time. What the user doesn’t know is that this meeting is fake and meant to trick them into transferring funds and giving up personal information, or worse, into becoming a malware victim.

Misusing Calendars

The phishing emails may be generated on the Calendly platform and inform recipients that they have new fax documents.

To create these event invitations, the cyber-criminals leveraged a Calendly feature which allows users to create custom templates and added a malicious link within the event page.

The link is embedded in the calendar event page. If the user clicks it, they are sent to a malicious page where their credentials are stolen. Sometimes the attackers blur the information to confuse users. The link usually leads to a login form that pretends to be Microsoft's.

If the user enters their credentials, these are sent to the threat actors, and the victim is then prompted to enter them again because they allegedly entered an incorrect password.

This is one technique criminals use to steal passwords. Forcing the user to enter their credentials twice makes it less likely that the captured password contains a typo.

If you were the victim, you would fill out a form with your email to verify via email. If this is the second time you are attempting to access your account, you will be continually redirected to your account.

Points To Be Noted
  • Attacks such as these attempt to get users to divulge their login credentials in a variety of ways, including asking them to view a blurred document and having them fill out the form twice.
  • The phishing pages are hosted on URLs outside the Microsoft or Calendly domains and ask for SharePoint credentials.
  • A password manager can be used to deal with look-alike URLs. If the URL does not exactly match the one stored in the vault, the manager will not fill in the credentials.
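
The exact-match check a password manager performs can also be applied to the links inside an invite. The following is an added example, not code from the article or from Calendly; the trusted-domain list and the sample invite text are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: domains a genuine Calendly invite or Microsoft sign-in
# link is expected to use. Adjust the set for your own tenant.
TRUSTED_DOMAINS = {"calendly.com", "microsoft.com",
                   "microsoftonline.com", "sharepoint.com"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

# Constructed sample invite body (not taken from a real campaign).
SAMPLE_INVITE = """\
New event scheduled: Fax Document Review
Invitee link: https://calendly.com/acme-team/fax-review
Preview document: https://calendly.com.docs-view.example/fax/view
Sign in: https://login.microsoftonline.com@portal.example.net/common/login
Help: https://support.microsoft.com/contact.
"""


def host_is_trusted(url):
    """True only if the URL's real host is a trusted domain or a subdomain."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return False  # unparsable URLs are treated as untrusted
    if parts.scheme != "https":
        return False
    # .hostname drops any "user@" prefix, so "trusted.com@evil" resolves to evil
    host = (parts.hostname or "").rstrip(".").lower()
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def untrusted_links(body):
    """Return the links in an invite body whose host is outside the trusted set."""
    links = [u.rstrip(".,)") for u in URL_RE.findall(body)]
    return [u for u in links if not host_is_trusted(u)]


if __name__ == "__main__":
    for link in untrusted_links(SAMPLE_INVITE):
        print("outside trusted domains:", link)
```

Matching on the parsed hostname rather than on a substring is what catches a trusted name used as a subdomain label or as the userinfo part of the URL.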

Manipulation of Software

Cybercriminals are using tools that nobody suspects to increase their chances of success. Another day, another phishing attack, but this one is a little different because the attackers are using popular scheduling software to generate their emails, software that many people use to schedule meetings with clients and customers. That makes it easier to be tricked!

Forcing Scenarios onto Users

Phishing attackers are trying to trick people into giving their bank account numbers. Chapter 16 of the book, “Cybersecurity Basics,” has a scenario where this type of attack is used. The attacker sends an email that claims to be from a legitimate company and asks for personal information. The email also includes a link to what appears to be the company’s website for authentication purposes. Instead, when the person clicks on the link, they’re taken to the attacker’s website and are prompted for their bank account or credit card number.

Why phishers are using this service

Phishing attacks are becoming more and more popular as a means to steal information from people. One new trick that phishers are using is sending links to shared events with clients on your company’s calendar for meetings. Once the victim clicks the link, malware downloads onto the device and steals credentials from email and bank accounts.

How to prevent being a victim of a phishing attack
  • Don’t open email links you don’t recognize
  • If you do receive a suspicious email, call the sender to verify their identity
  • Report emails that seem malicious

How do they use it?

The way people are using their calendaring systems is attracting phishing attackers. This is because it’s easy to upload meeting invites and share them with people. The problem is that many of the users don’t realize that the meeting invite they received could be fake, so they accept it and go to the event location. An attacker can use that opportunity to steal information from those who were tricked into going to the meeting.

Phishing scams are becoming more and more common, especially with the introduction of email phishing campaigns in the past few years. A recent report from Proofpoint has shown that some attackers have now found a new way to attack their victims by abusing the Calendly service.
