Suspicious Google Calendar Emails Trigger DMARC Failures

May 15, 2025

New domain monitored by URIports saw unauthorized Google Calendar invites sent to Yahoo users, highlighting ongoing phishing risks.

Email Security
Email Security
1
min read
Suspicious Google Calendar Emails Trigger DMARC Failures

URIports alerted me that one of our monitored domains experienced increase in messages failing DMARC validation last week.

Upon reviewing the reports, I discovered traffic originating from Google servers, going through Google Calendar servers, directed towards Yahoo users.

561 Google Calendar invites were sent on June 26th alone.

This domain is relatively new to our URIports account and has been monitored for only two weeks, so we haven't enforced the policy yet. After thorough verification with the affected company's team, it was confirmed that these Google Calendar invites were not legitimate.

Despite Google having patched this exploit a few years ago, it appears there are still vulnerabilities allowing attackers to send phishing emails, particularly targeting Yahoo users, but potentially affecting others as well.

Has anyone else noticed suspicious activity related to Google Calendar recently?

Email Security
DMARC
Cyber Security
Email Deliverability
SPF
DKIM
Scams
Spoofing
Phishing
Related posts
All posts
Backscatter Injection Attacks Exploiting Legitimate Infrastructure

Attackers use backscatter emails to bypass filters, harming servers and delivering phishing content.

Backscatter Injection Attacks Exploiting Legitimate Infrastructure
Email Security
The Risks of Abruptly Enforcing DMARC p=reject in Organizations

Sudden DMARC enforcement can disrupt workflows, block emails, and impact organizational operations significantly.

The Risks of Abruptly Enforcing DMARC p=reject in Organizations
Email Security
How a Fake Bank Transfer Email Nearly Fooled Me

Spoofed emails can mimic trusted senders, highlighting risks in elementary school communications.

How a Fake Bank Transfer Email Nearly Fooled Me
Email Security