Security News > 2022 > April > Phishing attacks exploit free calendar app to steal account credentials
Phishing attacks exploit free calendar app to steal account credentials.
Cybercriminals who specialize in phishing attacks like to point people to actual websites as much as possible.
In a report released Thursday, email security provider INKY describes a recent phishing campaign that took advantage of the Calendly calendar app to harvest sensitive account credentials from unsuspecting victims.
Clicking on that link would have brought the user to a webpage that looked like a Microsoft site but actually was set up to steal Microsoft account credentials.
The first attempt triggered an invalid password error, a known tactic in which the user is told that their credentials aren't valid but those credentials are actually harvested behind the scenes.
Also See Share: Phishing attacks exploit free calendar app to steal account credentials.
News URL
https://www.techrepublic.com/article/phishing-exploits-calendar-app/
Related news
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials (source)
- Hackers exploit Roundcube webmail flaw to steal email, credentials (source)