Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

iCloud Calendar Used For Phishing Emails

iCloud Calendar Used For Phishing Emails

September 9, 2025
Reading Time: 3 mins read
in Alerts
Atomic Stealer Masquerades As Cracked App

Abusing iCloud Calendar invites to send emails is a new method for attackers to bypass email spam filters and deliver callback phishing scams directly to inboxes. This technique leverages legitimate features of Apple’s iCloud service. The phishing emails, which appear to be payment receipts for a large sum, are sent from “noreply@email.apple.com” and successfully pass standard email security checks like SPF, DMARC, and DKIM. The scam works by creating an iCloud Calendar invite with the phishing message placed in the notes section, and then sending the invitation to a mailing list controlled by the scammer. This mailing list then forwards the invite to the actual targets, with the email appearing to come from Apple’s trusted servers.

The core of the scam is a classic callback phishing scheme, where the goal is to scare the recipient into calling a provided phone number. The email claims a significant amount has been charged to their PayPal account, and it offers a “support” number to “discuss” or “cancel” the payment. The sense of urgency and fear of a fraudulent charge is designed to make the target act without thinking. The phone number, however, connects the user directly to a scammer.

When a target calls the provided number, a scammer on the other end will attempt to further manipulate them. They often try to convince the victim that their account has been compromised and that they need to take immediate action to secure it. This action often involves the scammer asking the victim to download and run remote access software. By doing so, the victim unknowingly grants the scammer control over their computer.

Once the scammer has remote access, the consequences can be severe. In past similar scams, this access has been used for various malicious purposes, including stealing money directly from bank accounts, deploying malware to compromise the computer further, or exfiltrating sensitive personal data. The seemingly harmless act of calling a “support” number can escalate into a full-blown security and financial nightmare.

The effectiveness of this particular phishing campaign lies not in a new type of lure, but in the sophisticated delivery method. By abusing a legitimate feature and a trusted sender (Apple), the scammers add a layer of credibility to their emails, making it more likely for the messages to bypass spam filters and be opened by the recipient. This method highlights the need for users to be vigilant and cautious, even when an email appears to be from a well-known and reputable company. If an unexpected calendar invite or a strange message appears, it is always safer to treat it with extreme caution and verify the information through official channels rather than calling a number provided in the email.

Reference:

  • Phishing Emails Sent Via ICloud Calendar Using Apples Own Servers
Tags: Cyber AlertsCyber Alerts 2025CyberattackCybersecuritySeptember 2025
ADVERTISEMENT

Related Posts

Hackers Target Libraesva Email Flaw

Hackers Target Libraesva Email Flaw

September 30, 2025
Hackers Target Libraesva Email Flaw

ShadowV2 Botnet Targets Misconfigured AWS

September 30, 2025
Hackers Target Libraesva Email Flaw

Cisco Warns Of IOS Zero Day Bug

September 30, 2025
Fake Microsoft Teams Installers Spread

Fake Microsoft Teams Installers Spread

September 30, 2025
Fake Microsoft Teams Installers Spread

Cybercriminals Use Facebook Google Ads

September 30, 2025
Fake Microsoft Teams Installers Spread

CISA Warns Of Critical Sudo Flaw

September 30, 2025

Latest Alerts

Hackers Target Libraesva Email Flaw

ShadowV2 Botnet Targets Misconfigured AWS

Cisco Warns Of IOS Zero Day Bug

CISA Warns Of Critical Sudo Flaw

Cybercriminals Use Facebook Google Ads

Fake Microsoft Teams Installers Spread

Subscribe to our newsletter

    Latest Incidents

    Ukrainian Hackers Breach Crimean Servers

    Ransomware Gang Claims Maryland Breach

    Arizona School District Data Breach

    Attackers Take Down Asahi Brewer

    Harrods Alerts Customers To Breach

    Hackers Steal Photos From Kido Nursery

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial