HOWTO prevent unsolicited Google Calendar entries


Introduction


If you discovered this article because you’ve experienced a similar occurrence please note that Your GOOGLE account was not hacked. This is a way spammers are trying to get you to interact with them. 

Yesterday the calendar notification on my phone got triggered a few minutes past midnight. While I am particularly careful not to set alarms to go off during the night it sometimes happens.  Since I’ve made it a policy not to take my phone to bed with me, I got up walked to the table on which the phone was sitting and checked what was the notification associated with the chime.
The notification read “Your iPhone Xs is ready for PickUp”. I hadn’t created this reminder nor had I accepted a request from a third party on this topic.  Rather than go back to bed I decided to dive into the topic and investigate.

If you are not interested in the analysis of the topic jump to the section “How do I prevent this from happening?”.

Investigating the topic


The organizer has an email account that may confuse an untrained victim that this is in some way related to Google’s Cloud Identity and Access Management (IAM). The invite has a link to an Amazon sounding web site and has a parameter with a number that is probably used to identify which accounts clicked through (the hit rate).  Accounts that click through tell the sender that:
  1. The account is active;
  2. The person is more reactive to clicking links. This is used to improve their knowledge base helping them identify accounts that are more likely to fall victim to phishing attacks.

 The time zone of the message is Russian.



The notification is set to repeat multiple times and some occurrences are set at hours when people may be asleep. This approach is used to catch the recipient off guard as well as bother them into clicking the link. 



Attempting to access this site a few hours after the fact brought up this warning on my browser.  The advice for everyone is to back out at this stage.



Digging a bit deeper it seems that the domain is registered with a domain registrar based in Cyprus.  Cloudflare, a professional US company that offers CDN, DDoS mitigation, Internet security and distributed domain name server services, was protecting the domain.


How do I prevent this from happening and clean up these invites?



  1. Click the Gear icon in the Google Calendar app
  2. Choose the Settings option from the menu.
  3. From the General submenu choose the Event setting option.
  4. From the section “Automatically add invitations”,
  5. Select the option “No, only display invitations to which I have replied”.
Once the settings are applied, all calendar entries of this type will disappear.

Conclusion


Some might ask why Google would implement this feature.  It was convenient to have entries automatically added without having to acknowledge each entry. Sadly this option has been abused.  People who depend on such functionality need to decide what is best for them.  Maybe Google can implement a function that defaults to No unless you specifically way yes.

Comments

Post a Comment

Popular posts from this blog

20150628 Giarratana Circular

Statistics Date: Jun 28, 2015 4:34 pm Distance: 15.21 km Duration: 2h:35m:36s Avg Speed: 5.87 km/h Max Speed: 7.40 km/h Min Altitude: 489 m Max Altitude: 594 m Ascent: 249 m Descent: 261 m Route Open route in new window: https://www.google.com/maps/d/edit?mid=z6HKMq7G_wEk.keh2K8cXD6Cc&usp=sharing Photos (Geotagged) Open photos in new Windows: https://plus.google.com/photos/105470926677245165774/albums/6166646868710719889
Read more

HOWTO setup OpenVPN server and client configuration files using EasyRSA

Image
Introduction OpenVPN allows client computers to tunnel into a server over a single UDP or TCP port securely. This HOWTO article is a step-by-step guide that explains how to create the server and client OpenVPN configuration files that makes this possible. In the process this article explains how to create the public key infrastructure (PKI) so that a client can securely communicate with the server. OpenSSL is the foundation for the security functionality of OpenVPN. For this tutorial you will need the following software: OpenVPN. You can download the latest version of OpenVPN from https://openvpn.net/index.php/open-source/downloads.html EasyRSA is the tool people use to create the Public Key Infrastructure (PKI) for OpenVPN. Download the latest release of EasyRSA from https://github.com/OpenVPN/easy-rsa/releases . There is not installation required. Extract the contents of the archive into a folder. OpenVPN is available on various platforms. The generation of the
Read more

How To Reset the firmware, wifi on GoPro Hero 3, 3+ and sync it with latest version of GoPro Quik

Image
Like others, I fished out my old Go Pro HERO 3+ and found that I could not link to it via WiFi because I had forgotten the password. A quick search on the internet and it seems that there are still many users of this good, albeit old Action Cam. Some had purchased one off eBay or from a second-hand shop while others, like me, found it in a drawer and decided to repurpose it. If the GoPro has not been used for a while it might not be on the latest firmware. Note that these models are no longer supported. The common thread is that without the Wi-Fi SSID and password, it isn't possible to control the camera from the phone using GoPro's Quik software. I referenced these sites: 1.  HERO3/3+ Information And Troubleshooting : This is an official GoPro Site from where you can download the camera firmware and update the camera Wi-Fi for the HERO 3 and HERO 3+. 2.  Software Update and Reset for GoPro Hero 3, 3+ and 4 : This is another source for firmware (covers more models) and there is
Read more