Geeks for your information Security Security Vendors Kaspersky Kaspersky Security Blog v
How spammers use Google services
How spammers use Google services
harlan4096 Offline
MalWare Zoo Team
*******
Posts: 14,441
Threads: 9,518
Thanks Received: 9,035 in 7,185 posts
Thanks Given: 9,810
Joined: 12 September 18
#1
Information  11 June 19, 06:35
Quote:
[Image: spam-through-google-services-featured-1.jpg]

As you know, Google is not just a search tool, but multiple services used by billions of people every day: Gmail, Calendar, Google Drive, Google Photos, Google Translate, the list goes on. And they are all integrated with each other. Calendar is linked to Gmail, Gmail to Google Drive, Google Drive to Google Photos, and so on.

It’s all very handy — register once and away you go. And there’s no need to mess around moving files and data between services; Google does everything for you. The downside is that online fraudsters have learned to exploit the convenience of Google services to send spam or worse.

Spam through Google services: Calendar, Photos, Drive, Storage, Analytics, and Forms

The spammer’s main task is to bypass the spam filter and deliver e-mail to your inbox. As it happens, Google services often send e-mail notifications to Gmail inboxes — and Google’s antispam module avoids flagging notifications from its own services as spam. With that in mind, let’s look at which Google services spammers use — and how.

Spam in Google Calendar

Naturally, if someone uses Google Calendar to arrange a meeting with you, you receive notifications about it. Well, spammers have recently taken to making appointments en masse.

Because Google Calendar is designed to let anyone at all invite you to a meeting, both Calendar and Gmail (which receives the notification) are totally fine with any John Doe scheduling a meeting with you.

Spammers use the location and topic fields to convey the details to you. Usually, their spam details consist of a short bit of text stating that you are entitled to a cash payment for some reason, and a link that supposedly lets you receive it.

After that, everything’s about the same — either it’s a phishing link from which the cybercriminals try to get your bank card details (ostensibly to send you the money), or they ask for some sort of transfer fee to be paid before the money is sent. (You’ll never see a dime, obviously.)

Attackers are also adept at using Google Calendar to set up fake polls for which a reward is likewise offered. And there is nothing to prevent them from using this same loophole to distribute other types of spam or phishing, as well as malware.
Continue Reading
[-] The following 1 user says Thank You to harlan4096 for this post:
  • silversurfer
Find
Reply


Messages In This Thread
How spammers use Google services - by harlan4096 - 11 June 19, 06:35

Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
K-Lite Codec Pack 18.8.5 / 18.8.9 Update
Changes in 18.8.9 ...harlan4096 — 07:13
Ubuntu 24.04.2 LTS / 25.04
Ubuntu 24.04.2 LTS...harlan4096 — 07:12
Microsoft Edge 135.0.3179.85
Version 135.0.3179...harlan4096 — 07:10
AnyDesk 7.0.0 for Linux
AnyDesk 7.0.0 for ...harlan4096 — 07:08
Intel releases AI Playground software fo...
Intel is open sour...harlan4096 — 07:07

[-]
Birthdays
Today's Birthdays
avatar (37)RobertUtelt
Upcoming Birthdays
avatar (44)wapedDow
avatar (43)techlignub
avatar (42)Stevenmam
avatar (49)onlinbah
avatar (50)steakelask
avatar (44)Termoplenka
avatar (42)bycoPaist
avatar (48)pieloKat
avatar (42)ilyagNeexy
avatar (50)donitascene
avatar (50)Toligo

[-]
Online Staff
There are no staff members currently online.

>