How fraudsters use Google Calendar, Photos, Drive, and other services to distribute spam?
Google is not just a search tool, but multiple services used by billions of people every day: Gmail, Calendar, Google Drive, Google Photos, Google Translate, the list goes on. And they are all integrated with each other. Calendar is linked to Gmail, Gmail to Google Drive, Google Drive to Google Photos, and so on.
It’s all very handy — register once and away you go. And there’s no need to mess around moving files and data between services; Google does everything for you. The downside is that online fraudsters have learned to exploit the convenience of Google services to send spam or worse.
Spam through Google services: Calendar, Photos, Drive, Storage, Analytics, and Forms
The spammer’s main task is to bypass the spam filter and deliver e-mail to your inbox. As it happens, Google services often send e-mail notifications to Gmail inboxes — and Google’s antispam module avoids flagging notifications from its own services as spam. With that in mind, let’s look at which Google services spammers use — and how.
Spam in Google Calendar
Naturally, if someone uses Google Calendar to arrange a meeting with you, you receive notifications about it. Well, spammers have recently taken to making appointments en masse.
Because Google Calendar is designed to let anyone at all invite you to a meeting, both Calendar and Gmail (which receives the notification) are totally fine with any John Doe scheduling a meeting with you.
Spammers use the location and topic fields to convey the details to you. Usually, their spam details consist of a short bit of text stating that you are entitled to a cash payment for some reason, and a link that supposedly lets you receive it.
Spam in Google Photos
Scammers use Google Photos to share photographs that include comments about sudden large remittances that can be had by replying to the e-mail address supplied in the message. For the recipient, it looks like a harmless e-mail from Google Photos with the header “So-and-so shared a photo with you.”
A photo of a nonexistent check should immediately betray the scammers’ intentions. The check states that some commission fee will unlock a much larger amount. After the victim pays up, the scammers simply vanish into the ether.
How to guard against spam distribution through Google and other popular services?
Unfortunately, there is no silver bullet against such spam. The settings required depend on the service, and in most cases they reduce its usability.
For example, in Google Calendar, it is possible to disable automatic adding of events until invitations are accepted, but this also affects events that are of genuine interest. However, the spam in this tool is perhaps the most intrusive, so it makes sense to do so.
In fairness, we should mention that Google does a lot to combat spam and keep scammers out. But as Google itself rightly notes, the struggle against spam is never-ending. That means as soon as spamming through Google services in its current form is defeated (which it surely will be), cybercriminals will find other loopholes.
The most important thing is to be attentive.
Do not open messages from unknown senders.
Never accept invitations from people you don’t know.
Do not tap or click links in messages you weren’t expecting.
And install a reliable security solution with an antispam module to filter out at least some of the spam that wriggles through Google’s filter.
How to Avoid and report Google scams?
By focusing on providing the best user experience possible, Google has earned a trusted brand name. Unfortunately, unscrupulous people sometimes try to use the Google brand to scam and defraud others.
Here are a few common scams, and ways that you can avoid and report them.
Google Lotto Scam;
Google Pop-up Scam;
Gmail Tech Support Scam;
Vehicle Purchase Scam;
Google AdWords Impersonation Scam;
Google Job Offer Scam;
Google Account Recovery Scam via SMS Messages;
Google Top Placement/SEO Scam;
Google Maps/SEO Fake Invoices;
Google Telemarketing Calls;
Gmail Update Phishing;
Google AdSense Scam;
Tax Payment Scam;
Blackmail & Extortion;
Specific Google scams information: https://support.google.com/faqs/answer/2952493?hl=en
Read full Article here: https://lnkd.in/d7-dPGE
