I've received a bunch of calendar invites for "Free i PhoneXs from AppleStore" with a malicious link. Seems like this is now being used for phishing attacks.
Was having the same problem. Fixed it by disabling automatically adding events from Gmail, according to the Google instructions. I would rather choose what hits my calendar anyway.
I can confirm it's being actively exploited this morning (I had a few folks I know complain about it). I think I should point out that the article was written in 2017 (!!!), and Google responded that this is a "feature".
I've been getting a lot more recently - seemingly being added from Gmail spam (either that or I'm getting directly injected calendar spam and the same as emails coming through). I don't want to turn off syncing as actual bookings being automatically added are useful.
Got some too. What's super weird though, these calendar invites appear to have been sent from my iCloud email address to my gmail address, and also appear in the sent folder of my @me.com address: https://i.imgur.com/tz2TUh5.png
Can anyone else check your Gmail spam folder to see if you have those emails too, and where they came from?
Same happened to me last night, I reviewed all my access rights on security.google.com, couldn't find anything wrong. Reviewed my calendar access rights, couldn't find anything wrong.
Hey everyone - Seth here from Google. I'm sorry to hear this is happening. This post is from November 2017, and we've taken steps to reduce calendar spam. If you have specific invitations that came with an email, please forward the entire email to [email protected]. If it did not come with an email, please copy the calendar details and a screenshot into an email and send it to [email protected].
In the last weeks, I had several events on my Google Calendar that I did not create or accept. They looked like they were in Russian, but I can't be sure. I marked them as spam and deleted them, of course, but the next week a different one appeared. Is anyone else going through the same, and do you have any advice?
Same here, and I suspect this article explains the mechanism.
For weeks, I've been getting escalating numbers of events. It is up to 4 or 5 new invites per day, each with daily repeats. My calendar settings are locked down (e.g. "Events from Gmail" off) and I already have 2FA on the account. Next step for me is to delete Gmail calendar entirely.
I went to bed last night with a clean calendar, this morning I have 3 spam invites - 2 in Cyrillic alphabet, one "You have won iPhoneXs". Gotta love 3:55 AM wake-up alerts...
Had the same happen, searched around and it seemed to be caused by the Gmail feature that automatically creates events from invitation emails you receive, even if they land in spam. Spammers seemed to be using that to their advantage, so I just turned the feature off.
EDIT: The original article covers this and more, go read it :)
Got hit by this. Super annoying. It's not through email. It just showed up in calendar. There's no way to know the original scheduler and no way to mark it as spam.
There's a variant to this, the calendar event triggered by an event invitation. Again no way to delete it except decline the event. Should have a report spam button in the calendar app.
There has been a fresh wave of folks exploiting it recently (I have had a few people complain in the past 12 hours about calendar spam). Google apparently stands by the fact that it is a "feature".
A Report SPAM button on calendar invites would seem to be in order, so I don't have to manually delete each of these from the same address, and so Google can ban the offending account quickly.
The fact that we now need a spam button on our calendar is ridiculous.
How long until advertisers pay <calendar provider> to add events to our calendars such as take Mom to <restaurant> for Mother's Day, Watch <movie> on its release day, Go To <store> on its grand opening, etc?
(Please take this as a warning, not a "feature" suggestion.)
Kudos to BHIS for the post and detail. I've been seeing these pop into my Google Calendar randomly for the past few weeks; obvious phishing attacks. You can easily delete them of course, but definitely an annoyance.
Same here, mine was from a spam email that hadn't been caught properly by Gmail and was later removed. Really great article, didn't know about the 3 settings which would have stopped me getting the notification as not accepted.
> Oct 31 – Google responds stating it’s a feature and the settings provide users the ability to disable
I mean, I can understand the benefit of the feature. Isn't it impractical though that the only options are everything (including spam/injected events) or nothing? Why even have the feature then if they're not going to provide any mitigation?
Try logging into the firebase console. I had been added to two spam projects there. Filed a support request 2 days ago to get removed from them (as I cannot remove myself) and got a response saying 'we are looking into this'... now silence.
What I want to know is why the hell did Google ever think this was a good idea? I hardly even use Google Calendar and yet I had a spam notification about an "iPhone X" delivered direct to me.
The most amazing thing about this is only that spammers didn't exploit it earlier. Or maybe they did but kept a lower profile?
It's a convenience thing. Without spam invites it's super nice to have events from friends and family pop up without having to make sure I didn't miss anything.
andrejus|6 years ago
I believe API abuse can be reported -- https://support.google.com/code/contact/cloud_platform_repor...
ZoomStop|6 years ago
https://support.google.com/calendar/answer/6084018
kop316|6 years ago
Thank you to OP!
patch_collector|6 years ago
wastedhours|6 years ago
tabs_masterrace|6 years ago
chli|6 years ago
Glad to have an explanation for this phenomenon.
draxofavalon|6 years ago
kburman|6 years ago
faramarz|6 years ago
in the process disabled the automatic fetching of events from my emails which was causing double bookings; ahh!
macNchz|6 years ago
jolesf|6 years ago
sethvargo|6 years ago
You can use this form for reporting mail/calendar abuse: https://support.google.com/mail/contact/abuse
rcfox|6 years ago
101008|6 years ago
notusererror|6 years ago
MatekCopatek|6 years ago
blck|6 years ago
I also got added to what looked like a Russian Hangouts group chat with over 100 people in it.
superzadeh|6 years ago
ww520|6 years ago
erikerikson|6 years ago
sdoering|6 years ago
Not sure what happened in the nearly two years since this post went public. But at least we would know that this is not a current disclosure.
kop316|6 years ago
sctb|6 years ago
chronid|6 years ago
https://support.google.com/calendar/forum/AAAAd3GaXpEE7zPvtA...
flanbiscuit|6 years ago
djake|6 years ago
Edit: it appears you can do this on desktop but not mobile: https://support.google.com/calendar/answer/6110973?co=GENIE....
serf|6 years ago
there is one, and it works exactly like that. A single spam report kills all of the events from that sender.
RandomBacon|6 years ago
hellogoodbye|6 years ago
icecap12|6 years ago
Jonnax|6 years ago
When a friend sends me an invite on Google from their Gmail to my Gmail, I get an email.
I didn't think there was another mechanism.
Jivatman|6 years ago
NikolaeVarius|6 years ago
arejaytee|6 years ago
jplayer01|6 years ago
diveanon|6 years ago
It was the straw that broke the camel's back.
latchkey|6 years ago
vaseem|6 years ago
vaseem|6 years ago
conatus|6 years ago
SturgeonsLaw|6 years ago
2) Click the Settings Gearwheel then Settings
3) Click Event Settings and set "Automatically add invitations" to "No, only display invitations to which I have replied"
Edit: if you want to disable event auto-add from Gmail while you're at it, click Events from Gmail then untick "Automatically add events from Gmail to my calendar"
hkai|6 years ago
jeanlucas|6 years ago
ChrisSD|6 years ago
rtkwe|6 years ago
J_cst|6 years ago