Do you suddenly find entries in your iCloud calendar that you didn't create or enter? Then it is entirely possible that you've been the victim of a phishing attack. As Malwarebytes reported, the calendar on iPhones and iPads has recently been increasingly compromised by cybercriminals. NextPit reveals how you can protect yourself from this distasteful development.
While Apple has been doing a lot to protect your personal data lately, reports of phishing via the iCloud calendar have been appearing all over the web. For those who have been affected by this, one clear sign is having the calendar app on the iPhone or iPad show plenty of spam entries all of a sudden. Not only are these extremely annoying, they also contain dangerous phishing links when clicked.
Phishing involves cybercriminals trying to obtain your user data by asking you to enter personal information on what looks like a legit site or portal. While phishing via email messages is quite well-known, using fake calendar entries happens to be a far more subtle manner in executing this scam. Apple itself has since responded to the phishing ordeal.
How to remove spam entries from your calendar
Are you browsing through your iCloud calendar right now and chance upon entries that you are 100% sure you didn't enter yourself? Tap one of these intrusive calendar items and tap "Unsubscribe from this calendar" at the very bottom of the screen. After that, all of its entries should be removed from your calendar automatically.
Apple uploaded a video on June 4 which provided a very clear explanation on how how to remove these phishing entries in your calendar. I've embedded it for you as you can see above. I'm quite sure you do not want to subscribe to any new spam calendars, so here is a brief explanation of how you can protect yourself against them as well.
How to avoid falling into the spam calendar trap
Security software company Malwarebytes recently published an analysis of the problem with spam calendars in iOS. Their researchers were able to find websites where users were supposed to confirm that they were a real person via a so-called captcha. After doing so, a pop-up will appear where the user is asked to subscribe to a calendar.
This pop-up will mention how users can continue by tapping "OK" while selecting "Cancel" will close the browser. Those who don't take a second look will then be agreeing to subscribe to a spam calendar. Those who reject the prompt are redirected to even more malicious pages.
To protect yourself against subscribing to calendars, you should always read text stated in pop-ups even if they are extremely annoying, all the way from the top to the bottom. If you're ever too quick with your fingers and have accidentally subscribed to a calendar, however, deleting it on iOS isn't a terribly complicated affair either. Phew!
Have you ever subscribed to a spam calendar by accident or stumbled across a pop-up like this? Let us know in the comments!
Source: Malwarebytes Labs