Fake Action Fraud Tech Scams
Warning of Scammers Pretending to Be Calling From Action Fraud.
Google has said it is "working diligently" to fix a major flaw that allows hackers to hijack a person's Google Calendar through unwanted email invites.
The flaw allows cyber criminals to take advantage of a default setting that automatically adds invitations to a person’s Calendar when they are sent via email.
Unsolicited invites then appear as a notification through the Google Calendar app, which if clicked on can lead users to an official-looking page requesting personal and financial details.
The fake invite scam was first discovered by security researchers in 2017 but Google is only now addressing the issue.
Links within the event or notification will then take victims to a fake Google authentication page that captures their credentials.
Google included details of what people should do if they see a suspicious invitation or event in their inbox. It advises recipients to report the event as spam, which will remove all events from that organiser from the person’s calendar.
How to report an event:
If you don't want to see events on your calendar that you haven't replied to, you can change your Google Calendar settings.