As you may have read form other users, someone has gained access to
our calendar and been able to add spam events. The subject in this
case is the typical bank scam from Africa.
Please have a look at our Google Apps calendar (for
amblermountainworks.com) and the entry "URGENT BUSINESS ASSISTANCE" on
March 1st.
> As you may have read form other users, someone has gained access to
> our calendar and been able to add spam events. The subject in this
> case is the typical bank scam from Africa.
> Please have a look at our Google Apps calendar (for
> amblermountainworks.com) and the entry "URGENT BUSINESS ASSISTANCE" on
> March 1st.
Can google please not remind users of invitations they HAVE NOT
accepted?
I also had calendar spam - I did not accept the invitation BUT because
I have reminders automatically set to send email, popup and send sms I
was awakened by the text and popup (I have integrated google calendar
on my phone) on Saturday morning - early. :( Now I have to remove the
reminders.
Thanks!
Delivered-To: [email address]
Received: by 10.142.11.15 with SMTP id 15cs65930wfk;
Fri, 14 Mar 2008 17:01:38 -0700 (PDT)
Received: by 10.150.57.5 with SMTP id f5mr6706295yba.71.1205539297721;
Fri, 14 Mar 2008 17:01:37 -0700 (PDT)
Return-Path: <34RHbRwAADxY5G74w99w.I47EA928w47.yA8@calendar-
server.bounces.google.com>
Received: from py-out-f140.google.com (py-out-f140.google.com
[64.233.166.140])
by mx.google.com with ESMTP id g7si22613110wra.
16.2008.03.14.17.01.37;
Fri, 14 Mar 2008 17:01:37 -0700 (PDT)
Received-SPF: pass (google.com: domain of
34RHbRwAADxY5G74w99w.I47EA928w47.yA8@calendar-
server.bounces.google.com designates 64.233.166.140 as permitted
sender) client-ip=64.233.166.140;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of
34RHbRwAADxY5G74w99w.I47EA928w47.yA8@calendar-
server.bounces.google.com designates 64.233.166.140 as permitted
sender) smtp.mail=34RHbRwAADxY5G74w99w.I47EA928w47.yA8@calendar-
server.bounces.google.com; dkim=pass (test mode) [email address]
Received: by py-out-f140.google.com with SMTP id x65so397243pyg.3
for <[email address]>; Fri, 14 Mar 2008 17:01:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=google.com; s=beta;
h=domainkey-signature:mime-version:message-id:date:reply-
to:sender:received:subject:from:to:content-type;
bh=gY6gVgRfONC0ngs5ZXYcjzCb17+8tbwDDVD/x3NzPSc=;
b=jrmYO32eHu7uelbTfA1KRIKLJn3KtCkIDK0VqmUv02DQIClWP5ibBvqE95pO4NzXvmNL1m8/
VcqF/rGVe9533Q==
DomainKey-Signature: a=rsa-sha1; c=nofws;
d=google.com; s=beta;
h=mime-version:message-id:date:reply-
to:sender:subject:from:to:content-type;
b=HvgOxynQX1WUZCSDcHZtcomeE39OGnZeWrh60vdx3/IsNznoGh7/
xjfAJYKFPJPAUzKtG00wMyGpyNgGtHj+dA==
MIME-Version: 1.0
Message-ID: <[email address]>
Date: Fri, 14 Mar 2008 17:01:37 -0700
Reply-To: emeka johnson <[email address]>
Sender: Google Calendar <[email address]>
Received: by 10.65.75.2 with SMTP id c2mr15847909qbl.5.1205539297012;
Fri, 14
Mar 2008 17:01:37 -0700 (PDT)
Subject: [Invitation] Contact My Secretary For Your Compensation @
Sat Mar 15
07:30 - 08:30 (j w)
From: emeka johnson <[email address]>
To: j w <[email address]>
Content-Type: multipart/mixed;
boundary=00c09f98690404486e7d8faa286624756
Title: Contact My Secretary For Your Compensation
Time: Sat Mar 15 07:30 - 08:30 (Timezone: Eastern Time)
Calendar: j w
Description: Dear friend,
I am very happy to inform you about my success in getting that fund.
Now, I want you to contact my secretary on the information below:
Name: Morgan Alex, Ask him to send to you the total sum of (USD
$1.2Million) in a bank draft, which I kept for your compensation. So
contact him immediately on his e-mail: ([email address] ) and
send him the below information to enable himdeliver your bank draft to
you.
1.YOUR FULL NAME:_________________
2.YOUR ADDRESS:____________________________
3.TELEPHONE NUMBER:___________
4.OCCUPATION:_________________
Regards,
EMEKA JOHNSON
You are receiving this email at the account [email address] because you
are subscribed for invitations on calendar j w.
To stop receiving these notifications, please log in to
http://www.google.com/calendar/ and change your notification settings
for this calendar.
--00c09f98690404486e7d8faa236624755
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
<div style="padding:10px 7px; font-size:12px; line-height:1.4 font-
family:Arial,Sans-serif; text-align:center;"><div><a href="http://
www.google.com/calendar/"><img style="border-width:0" src="http://
www.google.com/calendar/images/blue_beta_en.gif" alt="Google
Calendar"></a></div>
<div style="width:370px; background:#D2E6D2; border-style:solid;
border-color:#ccc; border-width:1px 1px 0 1px; padding:15px 15px 5px
15px; margin:0 auto"><p style="margin:0;color:#0">j w,
you are invited to</p>
<h2 style="margin:5px 0; font-size:18px; line-height:
1.4;color:#0">Contact My Secretary For Your Compensation </h2>
<p style="margin:0 0 .5em;"><span style="color:#0">Sat Mar 15 07:30
– 08:30</span>
<br>
<span style="color:#676;">(Timezone:
Eastern Time)</span>
<br>
<span style="color:#0"></span>
<br>
<span style="color:#0">Calendar:
j w</span></p>
<p style="margin:0 0 1em;color:#0; white-space:pre-wrap !important;
white-space:-moz-pre-wrap !important; white-space:-pre-wrap !
important; white-space:-o-pre-wrap !important; white-space:pre; word-
wrap:break-word;"> Dear friend,
<br>
<br>I am very happy to inform you about my success in getting that
fund. Now, I want you to contact my secretary on the information
below:
<br>
<br>Name: Morgan Alex, Ask him to send to you the total sum of (USD
$1.2Million) in a bank draft, which I kept for your compensation. So
contact him immediately on his e-mail: ([email address] ) and
send him the below information to enable himdeliver your bank draft to
you.
<br>
<br>1.YOUR FULL NAME:_________________
<br>2.YOUR ADDRESS:____________________________
<br>3.TELEPHONE NUMBER:___________
<br>4.OCCUPATION:_________________
<br>Regards,
<br>EMEKA JOHNSON
<br><br><a href="http://www.google.com/calendar/event? action=VIEW&eid=ODltNmphazdtdeleted&tok=MjMjZW1la2Fqb2huc29uNEBnbWF pbC5jb20zMjZlNDc4OGEyYjczMDJhNTJiMGYxZWNjNmMzZTA1YjhmZmJjNzI4&ctz=Ameri ca
%2FNew_York&hl=en">More event details»</a></p>
<div style="margin:.5em 0 0; text-align:center;color:#0"><strong>Will
you attend?</strong></div>
<div style="margin:4px 0 0; text-align:center;"><span
style="background:#fff; border:1px solid #676; padding:
3px 5px; line-height:1.5;"><a href="http://www.google.com/calendar/ event?
action=RESPOND&eid=ODltNmphazdtOHNrbDk4cWpxbTd0bzZ1cjQganVsaWFubmEud2ls c29uQG0&rst=1&tok=MjMjZW1la2Fqb2huc29uNEBnbWFpbC5jb20zMjZlNDc4OGEyY jczMDJhNTJiMGYxZWNjNmMzZTA1YjhmZmJjNzI4&ctz=America
%2FNew_York&hl=en">Yes</a>
|<a href="http://www.google.com/calendar/event? action=RESPOND&eid=ODltNmphazdtOHNrdelete&rst=2&tok=MjMjZW1la2F qb2huc29uNEBnbWFpbC5jb20zMjZlNDc4OGEyYjczMDJhNTJiMGYxZWNjNmMzZTA1YjhmZmJjNz I4&ctz=America
%2FNew_York&hl=en">No</a>
|<a href="http://www.google.com/calendar/event? action=RESPOND&eid=ODltNmphazdtOHNrdelete&rst=3&tok=MjMjZW1la2F qb2huc29uNEBnbWFpbC5jb20zMjZlNDc4OGEyYjczMDJhNTJiMGYxZWNjNmMzZTA1YjhmZmJjNz I4&ctz=America
%2FNew_York&hl=en">Maybe</a></span></div></div>
<div><img src="http://www.google.com/calendar/images/envelope.gif"
style="background:#D2E6D2; width:420px height:95px" alt=""></div><p
style="margin:-15px 0 0;"><a href="http://www.google.com/ calendar/">View your calendar»</a></p>
<p style="color:#676;">You are receiving this email at the account
[email address] because you are subscribed for invitations on calendar j
w.</p><p style="color:#676;">To stop receiving these notifications,
please log in to http://www.google.com/calendar/ and change your
notification settings for this calendar.</p></div>
--00c09f98690404486e7d8faa236624755
Content-Type: text/calendar; charset=ISO-8859-1; method=REQUEST
Content-Transfer-Encoding: 7bit
BEGIN:VCALENDAR
PRODID:-//Google Inc//Google Calendar 70.9054//EN
VERSION:2.0
CALSCALE:GREGORIAN
METHOD:REQUEST
BEGIN:VEVENT
DTSTART:20080315T113000Z
DTEND:20080315T123000Z
DTSTAMP:20080315T000136Z
ORGANIZER;CN=emeka johnson:MAILTO:[email address]
UID:[email address]
ATTENDEE;CUTYPE=INDIVIDUAL;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-
ACTION;RSVP=
TRUE;CN=j w;X-NUM-GUESTS=0:MAILTO:[email address]
CLASS:PRIVATE
CREATED:20080315T000132Z
DESCRIPTION: Dear friend\,\n\nI am very happy to inform you about
my su
ccess in getting that fund. Now\, I want you to contact my
secretary on t
he information below:\n\nName: Morgan Alex\, Ask him to send to you
the t
otal sum of (USD$1.2Million) in a bank draft\, which I kept for your
compen
sation. So contact him immediately on his e-mail:
([email address]
) and send him the below information to enable himdeliver your bank
draft t
o you.\n\n1.YOUR FULL NAME:_________________\n2.YOUR
ADDRESS:______________
______________\n3.TELEPHONE NUMBER:___________
\n4.OCCUPATION:______________
___\nRegards\,\nEMEKA JOHNSON\n\nView your event at http://www.google.com/c alendar/event?
action=VIEW&eid=ODltNmphazdtOHNrbDk4cWpxbTd0bzZ1cjQganVsaWFubdelete
NTJiMGYxZWNjNmMzZTA1YjhmZmJjNzI4&ctz=America%2FNew_York&hl=en.
LAST-MODIFIED:20080315T000135Z
LOCATION:
SEQUENCE:0
STATUS:CONFIRMED
SUMMARY:Contact My Secretary For Your Compensation
TRANSP:OPAQUE
END:VEVENT
END:VCALENDAR
I'm really sorry to hear that you're receiving reminders for spammy
events and seeing these events on your Google Calendar. The team hates
spam just as much as you guys do and we're working hard to keep it out
of Google Calendar.
If you've enabled notifications for "New invitations," you can
configure your Google Calendar settings to only show events you've
created or accepted:
1. Click on "Settings" at the top of any Google Calendar page
2. Select the "General" tab if it isn't selected already.
3. In the "Automatically add invitations to my calendar" section,
select "No, only show invitations to which I have responded."
4. Click on "Save."
A good first step would be to implement a way to report calendar spam
as spam.
And then I would suggest that the default behaviour should be to only
accept invitations from people in my contacts list. It's completely
illogical to assume that I would want to automatically accept
invitations from people I haven't previously had correspondence with!
> I'm really sorry to hear that you're receiving reminders for spammy
> events and seeing these events on yourGoogleCalendar. The team hatesspamjust as much as you guys do and we're working hard to keep it out
> ofGoogleCalendar.
> If you've enabled notifications for "New invitations," you can
> configure yourGoogleCalendarsettings to only show events you've
> created or accepted:
> 1. Click on "Settings" at the top of anyGoogleCalendarpage
> 2. Select the "General" tab if it isn't selected already.
> 3. In the "Automatically add invitations to mycalendar" section,
> select "No, only show invitations to which I have responded."
> 4. Click on "Save."
There seems to be no acknowledgement of the fact that this is a major
security hole (unless I'm missing something?). How do spammers gain
access to our calendars, when we have not shared them??
> I'm really sorry to hear that you're receiving reminders for spammy
> events and seeing these events on your Google Calendar. The team hatesspamjust as much as you guys do and we're working hard to keep it out
> of Google Calendar.
> If you've enabled notifications for "New invitations," you can
> configure your Google Calendar settings to only show events you've
> created or accepted:
> 1. Click on "Settings" at the top of any Google Calendar page
> 2. Select the "General" tab if it isn't selected already.
> 3. In the "Automatically add invitations to my calendar" section,
> select "No, only show invitations to which I have responded."
> 4. Click on "Save."
I got a SPAM appointment this week. After deleting the SPAM it
remains on my calendar. If you follow the advice to change the
calendar settings to only show events I accept or create, the event
disappears -- but its still in the calendar data. Change the setting
back and there is the SPAM appointment.
My concern that this behavior might result in SPAM appointments
getting sync'd to Outlook or using gSync or other API tool. Any
thoughts?
> I'm really sorry to hear that you're receiving reminders for spammy
> events and seeing these events on your Google Calendar. The team hates
> spam just as much as you guys do and we're working hard to keep it out
> of Google Calendar.
> If you've enabled notifications for "New invitations," you can
> configure your Google Calendar settings to only show events you've
> created or accepted:
> 1. Click on "Settings" at the top of any Google Calendar page
> 2. Select the "General" tab if it isn't selected already.
> 3. In the "Automatically add invitations to my calendar" section,
> select "No, only show invitations to which I have responded."
> 4. Click on "Save."
> I'm really sorry to hear that you're receiving reminders for spammy
> events and seeing these events on your Google Calendar. The team hates
> spam just as much as you guys do and we're working hard to keep it out
> of Google Calendar.
> If you've enabled notifications for "New invitations," you can
> configure your Google Calendar settings to only show events you've
> created or accepted:
> 1. Click on "Settings" at the top of any Google Calendar page
> 2. Select the "General" tab if it isn't selected already.
> 3. In the "Automatically add invitations to my calendar" section,
> select "No, only show invitations to which I have responded."
> 4. Click on "Save."
Thanks for the tip! I was really annoyed to receive short text
messages in the middle of the night urging me to get in touch with the
secretary of the son of some Nigerian politician...
By the way, if you want to find out who really created the entry, the
only way I've found is to view the calendar entry and click on the
"Email organizer" link. The popup window that appears will show the
real address of whomever created the calendar entry. (I haven't found
any other way of doing it)
Why does the "Automatically add invitations to my calendar" option
kick in _BEFORE_ the spam filtering? If a message is automatically
filtered into my spam folder then it should _NOT_ be added to my
calendar (as it is currently happening!)
Thanks for the great feedback everyone. We’re definitely looking into
some of these suggestions as part of our current efforts to fight spam
and prevent it from showing up in your Google Calendar.
> Thanks for the great feedback everyone. We’re definitely looking into
> some of these suggestions as part of our current efforts to fight spam
> and prevent it from showing up in your Google Calendar.
The spam report I sent in today starts out as below. I was surprised
that it should be possible for an arbitrary person to post an event
(even if called an "invitation") on my calendar. I've changed settings
to prevent this in future. This was obviously spam (among other
things, the grammar errors and the strangeness of being contacted via
a calendar event) but some people could be fooled because spam usually
doesn't address you by name.
I suggest defaulting settings NOT to permit others to post invitations
on your calendar, and considering authentication for allowing this
kind of posting (why would anyone EVER want a total stranger to be
able to post an invitation to their calendar)?
Fortunately it is possible to delete these from the calendar.
---
from customer care <[email address]>
reply-to customer care <[email address]>
to Philip Machanick <[email address]>
date Mon, May 12, 2008 at 1:34 AM
subject [Invitation] YOU ARE ADVISED TO VERIFY YOUR ACCOUNT @ Mon 12
May 13:00 – 14:00 (Philip Machanick)
mailed-by calendar-server.bounces.google.com
signed-by google.com
you are invited to
YOU ARE ADVISED TO VERIFY YOUR ACCOUNT
so wait you're identifying accounts and disabling them but you dont
have an active spam filter in place??? and yes a 'report spam' button
in calenders too would be really helpful.
> Thanks for the great feedback everyone. We’re definitely looking into
> some of these suggestions as part of our current efforts to fight spam
> and prevent it from showing up in your Google Calendar.
