Why You Must Stop Using Google Calendar Immediately!

Must Read

Superstitions across different countries – An Overview

Some believe that a superstition is anything that people believe that is based on myth, magic, or irrational thoughts. They are beliefs that are steeped in lore or tradition, and it is usually difficult to pinpoint the exact origin. Here is a brief compilation of Superstitions which are prevalent across different countries.

1.5 Million Engineers Pass Out In India Every Year, Fewer Getting Hired [Trends]

Engineering colleges have been springing up like wild mushrooms in India in the last few years. Their number has...

World’s Most Popular Ad Slogans: A Brief List To Inspire With !

Advertisement plays an important role for companies as well as consumers world wide. It gives a seller an opportunity...

A grave safety loophole has been found in Google’s time management service “Google Calendar”. Its public sharing feature makes sensitive organizational information, like email ID, event name, location, duration, available to anyone and everyone on the internet.

The recently identified loophole in Google Calendar allows anyone other than company insiders can easily get their hands on internal information like email ID, meeting venues or dial in passcodes for restricted access areas. To make the matter worst, scammers could also add links, create new events, meetings to Google Calendar by bypassing all the authentication. At the same time, scammers are exploiting this public availability along with the close integration between all Google services to assault users with a credential-stealing attack.

Security researcher Avinash Jain recently made a blog post bringing this issue to light. He found that by using the Google Dork advanced search, he could access all public Google Calendars and users. Over 8,000 such calendars containing sensitive private information about organizations were exposed to be unsafely perused and misused by scammers on the internet.

Advertisements

Google Calendar’s objective

Google Calendar is a service especially built keeping teams and groups in mind. As of February 2018, it had been installed up to 500 million times. The service allows teams and individuals to share a common digital calendar that can be accessed, edited, and further shared to others by team members, or an external agent, depending on the kinds of settings one has enabled. However, this public visibility is not due to a slip up failing to ensure user data safety but is instead an intentional feature for easy connectivity among organizations and employees.

So to speak, the service has settings that can maintain the confidentiality of information even on a publicly shared document by displaying days and slots as “free” or “busy” to users outside the organization. Then, it seems that this blind spot has been created due to the company’s inability to sufficiently educate and notify its customers about the publicity of their information.

Past Data Breaches of Google

Such data breach from a company like Google, which is deep into the business of handling users’ data, is quite disappointing. Even though the recent privacy breach with Google Calendar cannot quite be classified as a data breach, Google has had a history of unsafe handling of user information in the past.

In 2014, personal information of 5 million Google customers surfaced on Russian cybercrime websites because of a bug in the algorithm. This information included name, age, occupation, and similar demographic details along with e-mail addresses and passwords.

Google is also notorious for tracking the internet usage of its customers and selling it to third-party companies, which is a severe breach of privacy.

Advertisements

The exploitation of Google’s Services by Scammers

Earlier this year, an article on Kaspersky Daily highlighted some of the common ways in which scammers misused the easy connectivity and transfer of data among Google’s various services such as Google Photos, Gmail, Google Translate, etc.

It seems that using Google Calendar is among the easiest ways to do so. As mentioned above, Google Calendar allows anyone to edit and add events into a public calendar. Scammers have taken to this platform to trick people by setting up meetings with users on the calendar and using the location and topic fields to inform the user that they’re eligible for a cash payment. This then redirects them to a link that allegedly allows them to receive their cash payment. But in reality, it is a trap to extract the user’s bank information.

A similar scam is seen making the rounds on Google Photos, albeit the offer is made through a picture.

Google Forms warns users to never submit passwords, bank information, and other private data in their forms for the same reason.

Thus, Google and all other services on the web must be used carefully. At the same time, companies should be held accountable and required to be transparent about how they use their consumer’s data. Until Google found a fix to this leak, people concern to their private data must stay attentive with Google Calendar, rather stop using it!

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News

India the 3rd Worst Economically Affected Nation by Internet Shutdowns in 2019: Report

2019 saw an increasing awareness about internet shutdowns in the Indian population due to unprecedented first-hand experience...

Amazon and Flipkart Under The Lens Of Indian Authorities For Competition Squashing Activities!

The ongoing tug of war between Offline and Online retailers in India seems to be far from over. On Monday, the Competition...

Constant Internet Suspensions In India Affecting Online Transactions and Economy Adversely

In the wake of the highly controversial and prejudiced Citizenship Amendment Act and other related legal developments such as the NRC, IT...

The Current Generation Require Technology In Class To Make The Most Of Future Opportunities

Technology is the current drive for everything. It has influenced all aspects of life, including cultures. It affects the way we live,...

Reliance Jio Offers Free Calls Over WiFi: Activate It Now

Following Airtel’s launch of VoWiFi calling in December 2019, Jio has now started rolling out VoWiFi calling, as well.

UPI Scam: A Man Loses Rs. 1.01 Lakhs While Using Paytm and Google Pay

Facebook finds it itself in the middle of its first scam of the new decade and the catalyst seems to be its...

In-Depth: Dprime

YouTube Should Have Bid Adieu To Dislike Button Much Earlier?

Online video sharing platform YouTube can be a ruthless place for content creators targeted by 'dislike mobs'. And the site owners totally understand that...

Facebook Has Pulled Off A Masterstroke By Integrating Its ‘Family Of Apps’?

It’s indeed hard to believe that ONE man sitting at Menlo Park, oversees how nearly a third of the world’s population interacts with each...

Facebook’s Crunch Conquest: By Relying Largely On The US Market, Is Facebook Running a Risk?

Two billion! That's Facebook, Inc. (NASDAQ: FB) for you - Right when you thought that this social-media giant has already connected the entire world, it's...

More Articles Like This