A new Apple warning has been issued about iCloud Calendar invites being abused to steal credentials and cash. Here's what you need to look out for to avoid attack.
A new Apple warning has been issued after it emerged that iCloud Calendar invites are being abused to send callback phishing emails disguised as purchase notifications directly from Apple’s email servers. This makes them more likely to bypass spam filters to land in targets' inboxes, according to a report.

“Hello Customer, Your PayPal account has been billed $599.00. We’re confirming receipt of your recent payment,” the email stated.

In this iCloud Calendar variation of a “callback phishing scam,” attackers were aiming for the user to call back so they could convince them their account had been hacked. The hope would be that attackers could convince the victim to download software so they could then steal credentials or cash.

However, in this case the email was sent from noreply@email.apple.com. This is Apple’s email address, so the email would pass any checks and appear to have legitimately come from Apple's mail server, Bleeping Computer warned.

The site showed how this was done. The email was actually an iCloud Calendar invite. “The threat actor included the phishing text within the Notes field and then invited a Microsoft 365 email address that they controlled,” Bleeping Computer explained.

By embedding a fake payment alert, such as a $599 PayPal charge, into the "notes" field, criminals trick users into calling fraudulent “support” numbers, says Jamie Akhtar, CEO and cofounder at CyberSmart. “Because these invites are sent from Apple’s legitimate servers, they pass authentication checks and appear trustworthy, making them far harder for traditional filters to block.”

This latest report shows “an ongoing trend of phishing that rides on reputable services,” says Javvad Malik, lead CISO advisor at KnowBe4. "These attacks, such as the one using iCloud Calendar, pass SPF/DKIM/DMARC, and land in inboxes with borrowed legitimacy. People don’t scrutinise calendar links the way they do email links, so a meeting invite with a call back number lowers defences and funnels victims into vishing or remote‑access scams.”

has seen similar campaigns launched through legitimate platforms AppSheet, Microsoft, Google, QuickBooks and Telegram, which bypass native and SEG controls.

The fake iCloud Calendar invite scam is certainly concerning, but there are some steps you can take to ensure you don’t get caught out by similar attacks.

Don’t just hunt for misspellings and spoofed domains: Look at the intent, Malik advises. “Ask if this communication was expected, is it trying to spike emotion, and is there an artificial time limit pushing you to act now? If the answer is yes to any, stop and self‑verify via a known channel. And treat calendar invites with the same scepticism as email."

If you are a business, you should remind staff to be cautious of unexpected calendar entries, avoid responding to unknown numbers and verify suspicious messages through a separate channel, says Akhtar. Disabling auto-acceptance of invites, enforcing multi-factor authentication, and applying strong filtering controls can also reduce exposure, he says. "A mix of technical safeguards and user awareness is essential against these evolving phishing tactics.”

As attackers increasingly use phishing to steal information and ultimately cash, the Apple iCloud Calendar campaign is one of many. With this in mind, always hover your mouse over links you receive via email or invite and, ideally, log on to the website separately in your browser to check or change anything on important accounts.
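The advice above to judge intent rather than sender reputation, as an added example (not code from the article or from Bleeping Computer): a Python check that reports the SPF/DKIM/DMARC result without trusting it and inspects the invite's Notes (DESCRIPTION) field instead. The brand list, regexes, scoring rule and sample message are assumptions constructed here; the phone number is fictional.

```python
import re
from email import message_from_string, policy

# Constructed sample: lure wording as quoted in the report; phone number is fictional.
SAMPLE = r"""From: noreply@email.apple.com
Authentication-Results: mx.example.com; spf=pass; dkim=pass; dmarc=pass
Content-Type: text/calendar; method=REQUEST; charset=utf-8

BEGIN:VCALENDAR
BEGIN:VEVENT
DESCRIPTION:Hello Customer\, Your PayPal account has been billed $599.00.
  Call +1 (202) 555-0143 to dispute.
END:VEVENT
END:VCALENDAR
"""

BRANDS = ("paypal", "apple", "microsoft", "google", "quickbooks")  # assumed watch list
PHONE = re.compile(r"\+?\d[\d\s().-]{8,}\d")
AMOUNT = re.compile(r"\$\s?\d[\d,]*(?:\.\d{2})?")

def invite_notes(msg):
    """Unfolded, unescaped DESCRIPTION (Notes) text of every text/calendar part."""
    notes = []
    for part in msg.walk():
        if part.get_content_type() == "text/calendar":
            ics = re.sub(r"\r?\n[ \t]", "", part.get_content())  # RFC 5545 unfolding
            for m in re.finditer(r"^DESCRIPTION(?:;[^:\r\n]*)?:(.*)$", ics, re.M):
                notes.append(re.sub(r"\\(.)", lambda e: "\n" if e.group(1) in "nN"
                                    else e.group(1), m.group(1)).strip())
    return notes

def analyze(raw):
    """Score an invite on its content; authentication is reported, not trusted."""
    msg = message_from_string(raw, policy=policy.default)
    domain = msg["From"].addresses[0].domain.lower()
    auth = str(msg.get("Authentication-Results", "")).lower()
    findings = set()
    for note in invite_notes(msg):
        if PHONE.search(note):
            findings.add("callback number in notes")
        if AMOUNT.search(note):
            findings.add("payment amount in notes")
        if any(b in note.lower() and b not in domain for b in BRANDS):
            findings.add("brand does not match sender domain")
    return {
        "authenticated": all(f"{k}=pass" in auth for k in ("spf", "dkim", "dmarc")),
        "findings": sorted(findings),
        "suspicious": "callback number in notes" in findings and len(findings) >= 2,
    }
```

The sample is flagged even though all three authentication checks pass. In a real pipeline, read only the Authentication-Results header stamped by your own receiving server.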
