Learn how scammers steal login information using spoofed Calendly links for fake job offers.
In this week’s scam, you receive an email about an exciting job opportunity from a well-known organization, like Disney, Louis Vuitton, or Ford. The email looks professional and seems to be from a legitimate recruiter. It includes a link to book a meeting on Calendly, a popular scheduling tool.
But if you select the link, you’ll be taken to a fake Calendly webpage that cybercriminals control. The site prompts you to log in using your Google or Facebook account, but if you enter your login information, you won’t get an interview. Instead, you’ll hand your login information directly to cybercriminals, who can then use it to hack into your personal or work accounts!
Tips to Stay Safe
Follow these tips to avoid falling victim to this phishing scam:
- Be suspicious if you receive an unexpected invitation for a job opportunity, especially if you never applied for it. Visit an organization’s official careers page if you’re curious about employment opportunities.
- Remember that scammers can use this trick with any meeting app, not just Calendly. Be just as cautious if you receive similar links involving other popular tools, such as Zoom or Microsoft Teams.
- Be very suspicious of any website that asks you to log in with your Google or Facebook account to make an appointment. Always stop and think before you take action!
Stop. Look. Think. And don’t be fooled.
Tips of the Week Brought to You By Our Partners at KnowBe4
KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.
