Google Calendar phishing scam

Posted by Jacek on January 8th, 2009 filed in email security

The phish looks like a genuine Google Calendar event invitation. It has more credibility than usual as it uses genuine gmail account and addresses the recipient by his/her real name – therefore is highly probable to fool the antispam software. After clicking the invitation the recipient is taken to a real phisher’s Google Calendar.

And this is where it gets suspicious. The event invitation contains a notice, supposedly from ‘Gmail Customer Care’, claiming that due to some difficulty Google will close the recipient Gmail account lest they send their Google username, password and date of birth. Although it is clearly suspicious, whenever you receive such notice from Google one may ignore the warning light.

As with many spam attacks we may notice some misspellings to fool the antispam software. Remember, never send anything to the Google “Customer Varifaction” department. We should at least assume that Google at least uses spellcheck…

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • StumbleUpon
  • Reddit
  • Webnews
  • MisterWong
  • Y!GG

Leave a Comment