Google has started the rollout of a new method that could help users block Google Calendar invitation spams, most likely sent by phishing actors to victimise people. This new release is available for all Google’s clients, including Business and G Suite Basic users.
According to a blog posted by the Google Workspace team, they shared that users’ Google Calendar could now be free of spam because of the new update rollout that helps users select an option to display invites and events from senders that they only know.
Despite spammers still being able to send out their malicious calendar invitations, if they are detected as unknown, their invitations are blocked unless the user accepts them. Users detected as ‘known’ are people sharing the same company domain with the account owner, people from the account owner’s contact list, and people with whom the account owner had previously interacted.
Google has been working to find effective solutions against spammers sending out malicious calendar invites to users.
After years of testing out and looking for a way to block these bad actors from propagating against Google Workspace users, the tech giant had finally released a new update that could block unwanted calendar invitations.
The “Automatically add invitations” setting would help users only allow people they had accepted an invite before, instead of automatically adding all invitations to the default calendar from random and probably untrusted senders. This option would let users customise their calendar display to which they need best.
Google Workspace admins can also set the default reply option for all users from their end at the Admin console; however, all users can still apply their preferences in their Calendar settings.
Security experts stressed that most unwanted Google Calendar invites come from threat actors launching phishing attacks and other malicious campaigns to victimise. With millions of Google Workspace users worldwide, being targeted by bad actors had long been a common issue; thus, implementing a solution to secure people had become a priority.
Even though some users can distinguish between a spam invite and a legitimate one, others could still fall prey to the attackers, causing them to lose sensitive data and money or be scammed in all other sorts.
