How does the iPhone calendar virus work?
If an attacker knows the email address associated with your calendar account, they can send you deceptive calendar invites riddled with infectious hyperlinks.
You might also be tricked into subscribing to a calendar on suspicious websites, which allows spammers to send you tons of spam calendar messages, attached to bogus events. (These calendars are often disguised as fake captchas, which we discuss in the following section).
If you fall for the trick, you’ll click on the links or buttons within the calendar message.
This could potentially download malware onto your device, or redirect you to shady websites that might steal your data.
What does iPhone calendar spam look like?
In these bogus calendar events, you’ll probably notice messages with odd URLs and alarming headlines, telling you that your “phone is hacked” and urging you to click a link. Some of these spam messages might look like this:
Common examples of calendar spam invitations
- Click NOW to Secure your iPhone
- iPhone 13 is Here, pick it up or Rearrange delivery
- Tom sent you 2 Pictures
- Your iPhone Has Been Infected with a Virus! Remove it now
- Easy Short-Term Loans – Apply Online
- Black Friday is Here: Canada Goose Only $99 and similar
- CLICK SUBSCRIBE
Another giveaway is if the bogus events are assigned to a Calendar named: CLICK SUBSCRIBE.
2 ways to get infected with iPhone calendar spam
So how do you end up getting spammed with fake calendar invites in the first place? Well, the hackers will start by getting you subscribed to their dodgy calendar, or by stealing your email address directly. There are two ways it can happen:
Accidentally click on fake captchas
You’ll have seen captchas before: these are the little puzzles websites make you complete to prove you’re not a bot. But sometimes scam websites display fake captchas to bypass warnings from your browser and to make you press certain keys that trigger malicious downloads.
You might encounter these scam websites after being redirected to them, if you click on a shady pop-up ad, for example.
In some cases, clicking the “I’m not a robot” box, or anywhere else on the page, can trigger a prompt to subscribe to a calendar. To trick you, the calendar name is blanked out. So in a hurry to get through the captcha process, you might click OK. Now the criminals can spam you with calendar events, full of suspicious links.
Email address obtained by spammers
Spammers can get hold of the email address which is tied to your calendar app, and it’s a lot easier than you might think. For example, this can happen if:
- You enter your information on dubious websites that secretly make money by selling your information.
- A company that holds your email address suffers a data leak.
How to remove the subscribed calendars using your iPhone
Individual events in subscribed calendars can’t be removed. Instead, remove the entire subscribed calendar.
- From your iPhone settings, scroll down and tap “Calendar.”
- Once you’re in Calendar, click “Accounts.”
- Select any calendars you don’t recognize.
- Tap “Delete Account.”
How to avoid getting spam on the iPhone calendar?
1. Get notified of dangerous websites with NordVPN
Threat Protection warns you before you visit dangerous websites, known for hosting malicious ads and malware. Pages that are known to be dangerous can be spotted and blocked thanks to our huge database of blacklisted websites. Threat Protection is included with all NordVPN subscriptions, and can be enabled from the settings in the main menu.
2. Be aware of shared devices across your Apple ID
Many Apple product users have other Apple devices (iWatch, iPads, MacBooks), often tied to a single ID. Be aware of who else uses these devices, and what services or ads they may have unwittingly signed you up to.
3. Keep your software updated
Hackers rely on the complacency of their victims. Don’t keep ignoring the alerts that pop up on your screen. Some of the software updates will close any security vulnerabilities that may have been noticed by developers.