‘It’s unforgivable’: Apple users fume over iOS calendar spam resurgence fueling crypto scams

Apple users on Reddit have responded to the resurgence of the iOS calendar phishing scam that now targets mainly crypto users.

Responding to the news on 8 September, the users expressed their frustrations concerning the scam which has lingered with no permanent solution in sight.

What happened?

There is a recent resurgence of spams on Apple calendar that has resulted in iCloud crypto scams. 

Scammers send spam invites to Apple users and also exploit iCloud infrastructure to sell get-rich-quick crypto schemes that lead to losses.

According to reports, the spams somehow bypass many filters to come from legitimate Apple servers, making them appear highly credible to users.

In the past, the spams showed up as event invites for sales promotions or fake appointments. Because they managed to fill the users’ calendars, the chances of clicking on and accepting such invites were very high, making users vulnerable.

There were so many cases that Apple had to provide awareness and guidance on how to avoid the spams. 

This time, the bad actors are taking advantage of the popular crypto market to steal from unsuspecting users.

They send invites that appear to be urgent crypto giveaways, wallet verifications, or investment opportunities with links to phishing sites designed to steal wallet credentials or personal data. 

By leveraging iCloud’s shared calendar feature, they are able to send invites en masse without direct email interaction, which when accepted can integrate into users calendar app across iOS devices.

Users can deal with this by disabling automatic additions in Calendar settings. They are also encouraged to report suspicious invites directly through Apple’s tools while enterprises can integrate advanced threat detection that monitors iCloud traffic for such spams.

Users’ concern

Because this isn’t the first time such scams are happening, users have expressed concern that no concrete measures have been taken to protect users. 

Apple has yet to make any official statement on the matter at the time of reporting.