How to avoid iPhone calendar viruses

How does the iPhone calendar virus work?

If an attacker knows the email address associated with your calendar account, they can send you deceptive calendar invites riddled with infectious hyperlinks.

You might also be tricked into subscribing to a calendar on suspicious websites, which allows spammers to send you tonnes of spam calendar messages, attached to bogus events. (These calendars are often disguised as fake captchas, which we discuss in the following section).

If you fall for the trick, you’ll click on the links or buttons within the calendar message.

This could potentially download malware onto your device, or redirect you to shady websites that might steal your data.

What does iPhone calendar spam look like?

In these bogus calendar events, you’ll probably notice messages with odd URLs and alarming headlines, telling you that your ‘phone is hacked’ and urging you to click a link. Some of these spam messages might look like this:

• Click NOW to Secure your iPhone
• iPhone 13 is Here, pick it up or Rearrange delivery
• Tom sent you 2 Pictures
• Your iPhone Has Been Infected with a Virus! Remove it now
• Easy Short-Term Loans – Apply Online
• Black Friday is Here: Canada Goose Only $99 and similar

Another giveaway is if the bogus events are assigned to a Calendar named: CLICK SUBSCRIBE.

2 ways to get infected with iPhone calendar spam

So how do you end up getting spammed with fake calendar invites in the first place? Well, the hackers will start by getting you subscribed to their dodgy calendar, or by stealing your email address directly. There are two ways it can happen:

If you accidentally click on fake captchas

You’ll have seen captchas before: these are the little puzzles websites make you complete to prove you’re not a bot. isTargetBlank>But sometimes scam websites display fake captchas to bypass warnings from your browser and to make you press certain keys that trigger malicious downloads.

You might encounter these scam websites after being redirected to them, if you click on a shady pop-up ad, for example.

In some cases, clicking the “I’m not a robot” box, or anywhere else on the page, can trigger a prompt to subscribe to a calendar. To trick you, the calendar name is blanked out. So in a hurry to get through the captcha process, you might click OK. Now the criminals can spam you with calendar events, full of suspicious links.

If spammers have got hold of your email address

Spammers can get hold of the email address which is tied to your calendar app, and it’s a lot easier than you might think. For example, this can happen if:

• You enter your information on dubious websites that secretly make money by selling your information.
• A company that holds your email address suffers a data leak.

How to remove the subscribed calendars using your iPhone

Individual events in subscribed calendars can’t be removed. Instead, remove the entire subscribed calendar.

Step 1: From your iPhone settings, scroll down and tap ‘Calendar’.

Step 2: Click ‘Accounts’.

Step 3: Once you’re in Accounts, look for and select any calendars you don’t recognise.

Step 4: Tap ‘Delete Account’.

How to stop spam on my iPhone calendar?

1. Avoid websites that don’t use https encryption, as they’re more likely to host pop-up ads designed to infect you with spam. A secure website encrypts all of the information you input on its page using the http protocol combined with TLS, which should be visible in the URL bar. The ‘s’ in https stands for ‘secure’. Here are some other ways to spot a scam.

2. Avoid dangerous websites with NordVPN

NordVPN’s CyberSec feature warns you before you visit dangerous websites, known for hosting malicious ads and malware. Pages that are known to be dangerous can be spotted and blocked thanks to our huge database of blacklisted websites.

CyberSec is included with all NordVPN subscriptions, and can be enabled from the settings in the main menu.