Fake Google Calender meeting invitations used in new spam attack
By
Negar Salek
20 March 2008 02:25PM
Tags:
google | calendar | google | calender | invite | hacked | google | calender | spam | spam | attack
Nigerian scammers have launched a new spam campaign sending fake Google Calendar meeting invitations in an attack targeted towards corporate users, security vendor BitDefender warned today.
As the hook to dupe users into opening the message, the emails are personalised and bypass URL filtering with a different link sent to each recipient.
"This is a new and untried social engineering approach,” said BitDefender CTO, Bogdan Dumitru. “The fact that these things are being spammed in huge numbers is a bit odd - usually there is a testing phase, to evaluate the response rate," siad Dumitru.
"Normally, after testing, some techniques are found to be ineffective and never get used again. This one's different," he added.
According to BitDefender Google support has been notified to block the accounts used in the scam.
Nigerian scammers also known as ‘419 scams’ are notorious for unleashing spam campaigns which aim to trick victims into disclose personal information or personal funds.
In a seperate incident, yesterday, McAfee Avert Labs revealed that a loophole in Google's website is sending unsuspecting users to malicious websites or executables.
Furthermore, last month, Computer Crime Squad Detectives in Perth arrested a 29 year-old Nigerian man for his alleged involvement with an international online crime syndicate, which media reports claim has defrauded its victims of $1 million.
Antispam analysts at BitDefender said the attack is already added to the vendor's spam signatures base.