13:46 GMT26 November 2020
Listen Live
    Viral
    Get short URL
    0 11
    Subscribe

    According to The Independent, the flaw allowing scammers to trick Google Calendar users into exposing their personal details was first detected in 2017. The schemers use its setting that automatically adds an event from an email invitation into a person’s calendar, even if the message was unwanted.

    Google is “working diligently” to eliminate a weakness that could allow perpetrators to steal the sensitive data of Google Calendar users, the company stated in an update to the Help page for the service.

    “We’re aware of the spam occurring in Calendar and are working diligently to resolve this issue. We’ll post updates to this thread as they become available ... Thank you for your patience,” the company told its users.

    A hacker could exploit a default setting that automatically adds events into a user’s calendar if he or she gets a corresponding invitation via email, even if it is spam. After one clicks an event in the Google app, he or she is re-directed to an official-looking page that asks the user to provide sensitive info, including financial details.

    While the company is still trying to fix the mechanism, it urges clients to be on the lookout and report any unsolicited invites as spam, which would delete the connected event and all other events by its organiser from the client's calendar.

    The Independent points out that although the simple scam was first discovered two years ago, the tech giant has been working to fix it only recently. In the meantime, the number of Gmail and Calendar apps users is about 1.5 billion people, as the services are available to anyone who has a Google account.

    Related:

    Trump Says There 'May or May Not Be National Security Concerns' in Regards to Google-China Ties
    Google Warns US of National Security Risks From Huawei Ban – Reports
    Security Flaw Let Hackers Snoop on iPhone Users and Steal Their Data for Years, Google Reveals
    Tags:
    hacker, Google, United States
    Community standardsDiscussion