Google Calendar Spam

Some time ago @mubix tweeted about spam that entered Google Calendar, he felt he had never published his calendar, and did not find the e-mail associated with the purchase of iPhone XS Max (according to the tweet). When I saw the tweet, I was intrigued that spammers were getting better at it.

This morning I was surprised by the notification reminder on my calendar (unfortunately I swiped it) that my Samsung S10 was ready to be taken (huh ?!).

Google is aware on this, the Google calendar team responded (in @mubix’s reply)

For recipients of calendar notifications from the spammer, you are advised not to visit the links found on the calendar. The contents of the link usually lead us to a fake form that asks us to provide sensitive information such as email addresses, passwords, telephone numbers, etc.

The malicious link on my spam calendar happened to be inactive, but still, the opportunity for spammers to trick mobile users became more wide open. Stay alert guys.


Posisi saya saat ini sebagai direktur dan pemilik PT Spentera, sebuah perusahaan yang fokus dalam bidang penetration test, incident response, intrusion analysis and forensic investigation.

Saya juga berkontribusi untuk repositori eksploit Metasploit Framework sebagai pengembang kode eksploit. Saat ini memegang sertifikasi dari Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), ISO/IEC ISMS 27001: 2013 Lead Auditor/Auditor, GIAC Certified Intrusion Analyst (GCIA), dan Offensive Security Exploitation Expert (OSEE).

Jika ingin menghubungi saya dapat melalui email bisnis di tom at spentera dot id atau pribadi di me at modpr0 dot be

Articles: 64

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.