Google Calendar Phishing returnsDecember 29, 2008 – 5:33 AM
In his blog, Graham Cluley of Sophos alerts his readers to the return of Google Calendar phishing attacks. Originally spotted in the summer, Google Calendar phishing uses event invitations to Calendar users asking them to “Verify Your Account” or face account deletion. Victims of this phish are asked to accept the invitation and confirm their user name, password and date of birth, in their acceptance.
The invitations appear to contain the users full name, adding an element of authenticity to the phish, but this is due to it being sent by Google Calendar as a result of the invitation, which fills in the users full name. The phish appears to come from an email address such as [email protected], where XXXX is a four digit number. When the link is clicked on, users are taken to a real Google Calendar event information page that contains numerous grammatical and phrasing errors in the description of the event. The page claims “we are having congestions due to the anonymous registration of Gmail accounts so we are shutting down some Gmail accounts” before asking for the user’s Google credentials.