
Fake Calendly Invites Spoof Top Brands to Hijack Ad Manager Accounts
An ongoing phishing campaign is using fake Calendly invitations to impersonate popular brands such as Unilever, Disney, MasterCard, LVMH, and Uber. The goal of this campaign is to steal credentials for Google Workspace and Facebook Business accounts. The attackers send fraudulent Calendly invitations that redirect victims to fake login pages. Once the credentials are stolen, the attackers can access the victims' advertising accounts, potentially for malicious activities such as running fraudulent ads.
This campaign highlights the continued threat of phishing attacks and the importance of verifying the authenticity of emails and links. The use of well-known brands and services like Calendly adds credibility to the attack, making it more likely that victims will fall for the scam.
From a technical standpoint, the attack vector involves spoofing Calendly invitations to lure victims into clicking on malicious links. These links redirect to fake login pages designed to capture credentials. Once the attackers have these credentials, they can access the victims' advertising accounts, potentially leading to fraudulent ad campaigns or other malicious activities.
The impact on the cybersecurity landscape is significant. This campaign underscores the risks associated with using third-party services like Calendly, which can be spoofed to appear legitimate. It also highlights the importance of educating employees about the risks of phishing attacks and of verifying the authenticity of emails and links.
For organizations, implementing multi-factor authentication (MFA) can help mitigate the risk of credential theft. Additionally, organizations should consider implementing email filtering solutions to block phishing emails and educate employees on how to recognize and report phishing attempts.
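One check an email filter could apply to the spoofed invitations described above is to flag links that use the Calendly name in their visible text or hostname but point to some other host. This is an added example, not code from the original article or from Calendly; the sample message and its hosts are constructed, and treating calendly.com as the only genuine host is an assumption.

```python
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlsplit
# Assumption: genuine invitations link to calendly.com or one of its subdomains.
TRUSTED = ("calendly.com",)
# Constructed sample message; every example.test host is made up.
SAMPLE = """From: "Calendly" <invites@mail.example.test>
Subject: New invitation: intro call
Content-Type: text/html; charset="utf-8"

<a href="https://calendly.com/example-user/intro">Pick a time</a>
<a href="https://calendly.login.example.test/auth">View invitation</a>
<a href="https://scheduling.example.test/x">https://calendly.com/recruiter/30min</a>
<a href="https://www.example.test/unsubscribe">Unsubscribe</a>
"""

class _Links(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def _trusted(host):
    # Exact match or dot-separated subdomain, so "notcalendly.com" does not pass.
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def spoofed_calendly_links(raw_email):
    """Return hrefs that invoke the Calendly name but point to another host."""
    msg = message_from_string(raw_email)
    html = "".join(
        p.get_payload(decode=True).decode(p.get_content_charset() or "utf-8", "replace")
        for p in msg.walk() if p.get_content_type() == "text/html")
    parser = _Links()
    parser.feed(html)
    hits = []
    for href, text in parser.links:
        host = (urlsplit(href).hostname or "").lower()
        if host and "calendly" in (text + " " + host).lower() and not _trusted(host):
            hits.append(href)
    return hits
```

A hit is a signal for quarantine or analyst review, not proof of phishing; the check does not follow redirects, so a link that starts on a trusted host and redirects elsewhere is not caught.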
In conclusion, this phishing campaign serves as a reminder of the ongoing threat of phishing attacks and the importance of verifying the authenticity of emails and links. Organizations should take steps to educate their employees and implement security measures to mitigate the risk of credential theft.