Apple has another problem with calendar spam and fraudulent notifications. A growing number of iPhone users are reporting unwanted appointment messages, including with pornographic content, sometimes with alleged virus warnings and other messages intended to frighten the recipient as much as possible. The spam events noted in the calendar are usually provided with links that lead to phishing sites, for example.
The links can also lead to redirects to probably fraudulent VPN apps and alleged security tools in Apple’s App Store.
Fraudulent iPhone calendar subscriptions
In contrast to the large wave of calendar spam that caught many iCloud users in 2016, the fraudsters no longer rely on calendar invitations. Apple has also made the old scam more difficult by taking countermeasures on the iCloud side.
Instead, a convenient function for subscribing to calendars is abused: users are shown a message on manipulated websites in the web browser that prompts them to tap “OK” to continue, as reported by the security company Malwarebytes. However, this also means that the spam calendar is subscribed to, as can only be seen by reading the entire notice.
It is also possible that questionable apps store spam calendars on iPhones, but the user of the app must first have given permission for this.
Calendar subscriptions can be easily deleted – but not prevented
The subscribed spam calendars can easily be deleted from Apple’s calendar app. In response to the growing number of reports, the company has apparently published its own support video that shows the simple procedure.
There is currently no function to generally deactivate subscribed calendars or to prevent them from being added. So the problem will remain as long as users are tricked into subscribing to the spam calendar.