精品成人福利在线

Phish Files
Abstract Aliens On Flying Saucers Northern Lights Lighthouse Mountains Water Tree Sun Background Gradient Unidentified Flying Object Ufo Stars Vector Design Style Landscape
Phish Files Articles
October 16, 2025

Beware of Google Calendar Phishing Invites

Posted in: Phishing

The image is a fake phishing notification about a PayPal to Bitcoin transaction with a warning about potential unfamiliar activity.

A calendar shows entries about a finalized PayPal to Bitcoin order and payment verification.

 

We鈥檝e recently observed a wave of Google Calendar phishing attacks targeting our campus community. Attackers are sending fake calendar invitations that reference PayPal, Bitcoin, cryptocurrency, invoices, or overdue payments. These invites often look legitimate and may even include links that lead to malicious websites.

Even if you don鈥檛 click anything, these invitations can clutter your calendar and put your personal information at risk. It鈥檚 important to know how to manage these invites and protect yourself.

How to Protect Your Google Calendar

1. Change Your Calendar Settings

To prevent unknown invites from automatically appearing on your calendar:

  1. Open Google Calendar on a computer.

  2. Click the gear icon 鈫 Settings 鈫 Event settings.

  3. Find 鈥淎utomatically add invitations鈥 under “Add invitation to my calendar” and select: No, only show invitations to which I have responded

This ensures that spam invitations won鈥檛 automatically appear on your calendar.

Disclaimer: By selecting 鈥淣o, only show invitations to which I have responded,鈥 new calendar invitations will not appear automatically on your calendar. You will only see events after you have accepted or responded to the invitation. This may cause you to miss or overlook pending invitations if you do not review them manually in your inbox. Be sure to check your email or invitation list regularly to avoid missing important events.

2. Adjust Notifications

  1. In Settings 鈫 Event settings 鈫 Notifications, you can turn off notifications for external invites.

  2. This helps reduce the chance of accidentally interacting with suspicious events.

Disclaimer: If you turn off notifications for external invites, you will not receive alerts when someone outside your organization sends you a calendar invitation. You may miss new meeting requests unless you check your calendar or email regularly.

3. How to Identify Suspicious Invites

Watch for calendar events that:

  • Come from unknown email addresses.

  • Mention cryptocurrency, PayPal, invoices, or overdue payments.

  • Include links or attachments that ask for credentials.

  • Include a phone number in the event description.

    • Why attackers add phone numbers:

      Phishers often include a phone number to make the invite look more legitimate and urgent. They want you to call the number for 鈥渂illing鈥 or 鈥渧erification,鈥 but this is a social engineering tactic designed to gain access to your accounts. Do not call these numbers or reply to the sender. Legitimate organizations will not request sensitive information through calendar invites.

Important: If you were not expecting the invite, do not interact with it in any way鈥攊gnore, delete, and report.

4. Examples of Suspicious Event Subjects

  • 鈥淚nvoice #XXXX 鈥 Payment Overdue鈥

  • 鈥淧ayPal Notification 鈥 Action Required鈥

  • 鈥淏TC Payment Received 鈥 Confirm Your Account鈥

  • 鈥淐rypto Wallet Alert 鈥 Verify Your Account鈥

  • 鈥淯npaid Invoice 鈥 Urgent Payment Required鈥

  • 鈥淏itcoin Transaction Pending鈥

  • 鈥淧ayment Request from [Random Name]鈥

  • 鈥淩efund Confirmation 鈥 Action Needed鈥

  • 鈥淲ire Transfer Details 鈥 Open Immediately鈥

  • 鈥淯rgent: Account Verification Required鈥

5. Steps to Take if You Receive a Phishing Invite

  • Do not click on any links or respond 鈥淵es/No/Maybe.鈥

  • Do not contact the sender or call the phone number listed.

  • Delete the event from your calendar.

  • Report it to Google:

    • Open the event 鈫 Click More 鈫 Report as spam.

    • This enables Google鈥檚 machine learning to analyze data and improve responses in future scenarios.

  • Forward a copy to phishfiles@montclair.edu.

6. Stay Vigilant

  • Never share your Google credentials or authentication codes.

  • If you weren鈥檛 expecting the invite, do not interact.

  • Verify directly with the sender through official channels if you鈥檙e unsure (never through the calendar invite).

  • Share this information with classmates, colleagues, or team members to help protect the entire campus community.

By following these steps, you can reduce exposure to calendar-based phishing attacks and keep your personal information safe.

Additional Notes: