Standard Chartered Names Peter Burrill as Interim Group CFO Following Diego De Giorgi’s Exit 
Air New Zealand Cabin Crew Strike Set for February 12–13 Amid Failed Talks 
xAI Co-Founder Jimmy Ba Departs as Elon Musk’s AI Startup Faces Turbulence 
Macquarie Group Shares Jump as Third-Quarter Trading Conditions Improve Across Key Units 
Samsung Electronics Shares Jump on HBM4 Mass Production Report 
Alphabet Plans Rare 100-Year Sterling Bond to Fund AI Expansion 
Treasury Wine Estates Shares Surge After U.S. Dispute Settlement and Earnings Upgrade 
Moderna Stock Drops After FDA Declines Review of mRNA Flu Vaccine 
Cloudflare Forecasts Strong Revenue Growth as AI Fuels Cloud Services Demand 
Russia Signals Further Restrictions on Telegram Amid Ongoing Regulatory Disputes 
FDA Rejects Review of Moderna’s Flu Vaccine Application, Shares Slide 
Samsung Electronics Sees Sustained AI-Driven Demand for Memory Chips Into Next Year 
ByteDance Advances AI Chip Development With Samsung Manufacturing Talks 
AST SpaceMobile Joins MSCI ACWI Index as Largest New Addition, Boosting Market Visibility 
Petrobras Posts Record Oil Exports as Production Surge Fuels Global Expansion 
Salesforce Workforce Reduction Affects Fewer Than 1,000 Roles Amid Ongoing Restructuring 
American Airlines CEO to Meet Pilots Union Amid Storm Response and Financial Concerns 
MCKINLEYVILLE, Calif. and SAN FRANCISCO, April 05, 2018 -- Recognizing that calendar spam is a growing exploitation channel, CalConnect and the global anti-abuse association M3AAWG have joined forces to develop new methods to protect end-users from unsolicited and malicious event notices. The new liaison between the scheduling developers’ organization and the Messaging, Malware and Mobile Anti-Abuse Working Group will accelerate industry efforts to develop techniques that block invites to fake events and other malicious notices on popular calendaring platforms.
|
|||
Calendar spam is a new form of abuse that takes advantage of the application layer across multiple technologies, including scheduling, calendaring and messaging systems. For example, users have received fraudulent emails impersonating well-known brands that include calendar invites to special “discount” events. As is the case with email spam, calendar spam can be used for malicious purposes such as phishing or to deliver malware payloads.
CalConnect (The Calendaring and Scheduling Consortium) also has established a new technical committee, TC CALSPAM, to better protect users from calendar system abuse. The committee aims to understand the current and potential use of calendar systems as a vector for delivering undesired information and will provide current information and guidelines on the topic to CalConnect and M3AAWG participants.
"Calendaring is an intimate part of everyone’s lives. Calendar spam is particularly unsettling because the abuse directly pops up on a person’s calendar. It’s personally disruptive and especially disturbing," said Thomas Schäfer, 1&1’s Head of Technical Site Management who chairs TC CALSPAM.
Differs from Other Abuse Schemes
CalConnect and M3AAWG will develop the measures and best practices for developers and system operators to ensure legitimate usage of their platforms. The collaborative effort is important because calendar spam is unique as an abuse vector in a number of ways:
- Calendar spam, unlike email, can be placed chronologically anywhere in a calendar – in the past or the future, not just the present – making it difficult to detect at the time of delivery.
- Spam meeting invitations can be automatically added to calendars without the users’ consent with notifications sent to all their devices. These invitations are not only difficult to find but, in some cases, there is no way for the user to remove these events short of deleting the entire calendar.
- Calendar events and meeting invitations do not yet carry the rich provenance, i.e., the detailed header information that is included in email, making it difficult to ascertain where and when events originated and where they were delivered.
- Calendar events often contain notifications or alarms that are propagated across a user’s many desktop and mobile calendaring clients, exacerbating the problem.
M3AAWG Executive Director Jerry Upton said, “Calendar spam has shown itself to be a new but rapidly maturing vector for spammers. As we’ve seen in addressing other abuse issues in M3AAWG, cross-domain problems like this require input from experts in multiple disciplines and collaborating with CalConnect and their subject matter is the most direct route to combatting this evolving threat."
Call for Industry Participation
The reciprocal membership agreement between the two organizations became effective in February and allows the calendaring and scheduling developers, vendors and service providers in CalConnect and the messaging and email authentication experts in M3AAWG to share information and work. CalConnect members participated in the M3AAWG 42nd General Meeting in San Francisco in February, kicking off the joint work on applicable anti-abuse methodologies. The 43rd M3AAWG General Meeting will be held June 4-7 in Munich, Germany.
CalConnect President Rutger Geelen said, “We recognize that calendar spam is a real threat and a growing problem. First and foremost, we endeavor to protect users against such abuse. Since event and meeting invitations are often delivered via email, it makes sense to collaborate with the messaging identity and authentication experts at M3AAWG in our effort to return full control of collaboration and communications to the end users themselves."
Organizations interested in joining the CalConnect calendar spam committee should contact CalConnect Executive Director Dave Thewlis at [email protected] or CalConnect Director of External Relations Ronald Tse at [email protected].
About The Calendaring and Scheduling Consortium (CalConnect)
CalConnect, The Calendaring and Scheduling Consortium, CalConnect, is a not-for-profit organization advancing the state of interoperable calendaring, scheduling and digital contacts. Founded in 2004 as a partnership between vendors and users of calendaring and scheduling tools and technologies, its membership includes some of the world’s largest software companies as well as small startups. Virtually every important calendaring-related standard since 2004 has been authored, edited, and/or co-edited by members of a CalConnect Technical Committee. http://www.calconnect.org.
About the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG)
The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) is where the industry comes together to work against bots, malware, spam, viruses, denial-of-service attacks and other online exploitation. M3AAWG (www.m3aawg.org) members represent more than one billion mailboxes from some of the largest network operators worldwide. It leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services through technology, collaboration and public policy, and works to educate global policy makers on the technical and operational issues related to online abuse and messaging.
Media Contacts:
Ronald Tse, Director, External Relations, [email protected]
CalConnect (The Calendaring and Scheduling Consortium), https://www.calconnect.org
Linda Marcus, APR, Astra Communications, +1-714-974-6356 (U.S. Pacific), [email protected]
M3AAWG (Messaging, Malware and Mobile Anti-Abuse Working Group), https://www.m3aawg.org
