Major Cybersecurity Alert: iPhone Users Warned of Dangerous Calendar-Based Scam

A major cybersecurity alert has been issued to the 1.8 billion iPhone users worldwide, warning of a dangerous scam exploiting Apple calendar features. Researchers have uncovered a scheme where malicious actors flood devices with fake alerts designed to trick users into sharing sensitive data. The attack requires no app installation or software download, making it particularly insidious. Users are warned to avoid clicking any suspicious calendar invites, as these could lead to phishing attempts or data theft.

The scam works by luring victims into subscribing to hidden calendars through deceptive pop-up notifications. Once subscribed, attackers gain the ability to send unlimited alerts directly to the device. These alerts often mimic urgent security warnings, prize notifications, or official system messages. The deceptive nature of these alerts is amplified by the fact that calendar subscriptions bypass Apple's App Store, making them appear more legitimate than typical phishing emails.

Experts stress that Apple will never send virus alerts or phishing messages through its Calendar app. Users are advised to immediately review their calendar settings and delete any suspicious subscriptions. Steps to remove these include navigating to Settings > Apps > Calendar > Calendar Accounts > Subscribed Calendars. If unfamiliar subscriptions are found, they should be deleted promptly. Apple users have also shared alternate methods on support forums, such as blocking suspicious email addresses through the Mail app.

Some users have reported finding spam invites even in their junk mail, highlighting a flaw in Apple's current system. One Reddit user noted, 'If they're using calendar events to communicate with you, they certainly did not hack into your device.' Another user recommended adjusting settings to require manual approval of calendar invites rather than automatic addition from emails.

Security researchers warn that such notification-based scams are likely to grow as attackers seek new ways to bypass app-store security. The scheme's rapid spread has raised concerns, with users urging Apple to address the vulnerabilities in its calendar system. 'You have to go find it and delete it from your junk, which is a hassle,' one user remarked, calling for Apple to improve its filtering mechanisms.

Cybersecurity experts emphasize the importance of common-sense precautions. 'Rule of thumb is common sense,' one commenter noted. 'You need to go into your Calendar subscriptions and remove any that you do not recognize.' As the threat evolves, staying vigilant and reviewing calendar settings regularly is critical to protecting personal information from exploitation.