Spammers Bombard iCloud Users With New Deluge

Government-backed awareness raising organization, Get Safe Online, has issued new guidance for users bombarded with iCloud calendar and photos sharing spam.

The irritation has become particularly pronounced of late over the Black Friday shopping weekend, according to multiple reports.

Spammers have apparently been bypassing email altogether to send requests out en masse to users for calendar events or to view/share photos.

Unfortunately, if you have already experienced this kind of activity, it means the spammers have obtained your iCloud-linked email, one way or the other.

Get Safe Online urged users not to reply.

“If you respond, or even choose to decline, the spammer is informed that your account is active and will continue to send the spam, possibly in greater volumes. There is an additional possibility that your account details will be sold to others, multiplying the problem,” it warned.

The online safety body republished a set of steps that users can take to mitigate the problem, which involves setting up a new calendar and then adding all the spam invitations to it, before deleting.

This will apparently clean your calendar ‘inbox’ without notifying the scammers.

Another widely reported way to address the issue is to open your iCloud account on the desktop and change settings to receive event invitations by email rather than in-app. This will allow users to simply delete the pesky calendar event spam as it comes in via email.

Unfortunately, for iCloud Photo Sharing spam, there appears to be only one workaround: turn off the feature altogether.

This isn’t the first time that iCloud has garnered negative security-related headlines.

In 2014, it was at the center of the so-called “Celebgate” scandal when countless intimate photos belonging to various Hollywood and other stars were leaked online, apparently from their accounts.

It subsequently emerged that the fault lay with the individual celebs, who had fallen victim to simple phishing attacks designed to harvest their log-ins.

What’s Hot on Infosecurity Magazine?