Update: A Google spokesperson has contacted us to clarify its position on spam calendar invitations: "Spam calendar invitations can include both unwanted and malicious content that deceive users, similar to spam email. We are not aware of any security bugs due to the software itself. As such, it would be misleading to characterise this as a technical security vulnerability." Updated story continues below.
Gmail users are being warned to watch out for spam calendar invitations containing links to malicious websites. As Forbes (opens in new tab) explains, calendar invitations can be sent by email – even by people you don't know, and have never spoken to before.
- Check out our guide to the best antivirus software
- The best free office software of 2019
- This year's best free photo editors
These fake invitations could include a malicious link that could not only be used to steal login credentials (like a standard phishing attack), but also to provide other sensitive information, such as how to gain access to a building where the 'meeting' is due to take place.
Don't get caught out
If you're concerned Black Hills Information Security has published an extensive guide (opens in new tab) that you can follow to secure your Gmail and Google Calendar (opens in new tab) apps from potential attack.
As always, though, the most important thing is to always treat unsolicited emails with caution, and not click any links to events that you aren't expecting.