Google Calendar provides new way to block invitation phishing

The Google Workspace team announced today that it started rolling out a new method to block Google Calendar invitation spam, available to all customers, including legacy G Suite Basic and Business users.

“To help keep your Google Calendar free from spam, you can now select an option to display events on your calendar only if they come from a sender you know,” the Google Workspace team said today.

As we previously reported in 2019, Google has been working on solutions to block bad actors from spamming Google customers with malicious calendar invites.

Two years later, the company finally made it easy to block unwanted invitations by adding a new “Automatically add invitations” setting, allowing only those previously accepted via email instead of having all invitations automatically added to the default calendar.

Such unwanted calendar invitations are commonly used by threat actors in phishing and malicious campaigns targeting Google Calendar users.

To get an idea of how many targets such an attack could reach, the Google Calendar Android app alone has been downloaded more than 1 billion times, according to the app’s Google Play Store entry.

Share this article on social media:

Subscribe to Our Newsletter!

Stay on top of cybersecurity risks, evolving threats and industry news.

This field is for validation purposes and should be left unchanged.

Recent News

Featured Services

The Latest Cybersecurity News

From major cyberattacks, newly discovered critical vulnerabilities to recommended best practices, read it here first:

BOOK A MEETING

Enter your Email Address

This field is for validation purposes and should be left unchanged.

* No free email provider (e.g: gmail.com, hotmail.com, etc.)

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.