"Microsoft and Google Users Targeted by Threat Actors on Free Calendar App"

Hackers using free sites and apps to send phishing emails and to download host malware. A report from infosecurity firm Inky, warns that a free calendar app called Calendly which runs on Microsoft 365 and Google Workspace invites users to click on a new document received. If clicked, the users are sent to bogus events in a credentials harvesting operation. By hovering over the link, security minded users could have seen that the link led to a hijacked site listed in the Google, Firefox, and Netcraft threat feeds. But most users would have missed this tell and entered account names and passwords. Inky started the investigation after being alerted by users of Google Workspace and Microsoft 365 about suspicious documents in their inboxes.

Cybernews reports "Microsoft and Google Users Targeted by Threat Actors on Free Calendar App"

Submitted by Anonymous on