Some time ago @mubix tweeted about spam that entered Google Calendar, he felt he had never published his calendar, and did not find the e-mail associated with the purchase of iPhone XS Max (according to the tweet). When I saw the tweet, I was intrigued that spammers were getting better at it.
This morning I was surprised by the notification reminder on my calendar (unfortunately I swiped it) that my Samsung S10 was ready to be taken (huh ?!).
Google is aware on this, the Google calendar team responded (in @mubix’s reply)
For recipients of calendar notifications from the spammer, you are advised not to visit the links found on the calendar. The contents of the link usually lead us to a fake form that asks us to provide sensitive information such as email addresses, passwords, telephone numbers, etc.
The malicious link on my spam calendar happened to be inactive, but still, the opportunity for spammers to trick mobile users became more wide open. Stay alert guys.