How to stop Google Calendar Scam

Keywords: Google Calendar, Scam, Spam, calendar invitation, unknown calendar events, phishing, prevent calendar scam

If you are seeing unknown or abnormal events in your Google calendar, follow the steps to stop it, otherwise your Google calendar might get flooded by those scam /phishing events.

1 Login to your Google calendar: https://calendar.google.com

2 Click on the settings (gear) icon at top right corner

Google calendar
Google calendar

3 Click on “Event settings” at left hand side, click on “Automatically add invitations”, set it to “No, only show invitations to which I have responded”

Google calendar - Event settings
Google calendar – Event settings

4 Click on “Events from Gmail” at left hand side, uncheck “Automatically add events from Gmail to my calendar”

Google Calendar - Events from Gmail
Google Calendar – Events from Gmail

How to: Office 365 with Multi-factor authentication (MFA) for old Outlook Windows Manual Exchange Configuration

Old version of Microsoft Outlook does not work with Office 365 with MFA enabled, which will faill at sign in stage.

This Guide walk you through with proper configuration to make it work even for old vero of Outlook.

1 Logon to https://www.office.com

2 Open this link: https://portal.office.com/account/ (Or go to My account)

Office365.com -> Settings
Office365.com -> Settings

3 Click on Security & privacy -> Additional security verification -> Create and menagae app passwords

Office 365 -> My account -> Security & privacy
Office 365 -> My account -> Security & privacy

4 Create an App password, give it a proper name, copy the password save it for later use.

5 Open the Control Panel.

6 Type mail in search bar, click on search result

Control Panel -> Search bar
Control Panel -> Search bar

7 Click Email Accounts…

Mail Setup - Outlook
Mail Setup – Outlook

8 Click New…

Mail (Outlook) - Accout Settings
Mail (Outlook) – Accout Settings

9 Select Manual setup or additional server types, then click Next.

Mail (Outlook) -> Add Account
Mail (Outlook) -> Add Account

10 Select Microsoft Exchange Server or compatible service, then click Next.

Mail (Outlook) -> Add Account
Mail (Outlook) -> Add Account

11 Enter the following in the corresponding fields:

Server: outlook.office365.com

User Name: username

When finished, click More Settings

*Warning: Do not click the Check Name button at this step, or the configuration process will fail.

Mail (Outlook) -> Add Account
Mail (Outlook) -> Add Account

12 Click Security

Mail (Outlook) -> Microsoft Exchange
Mail (Outlook) -> Add Account

13 Uncheck Encrypt data between Microsoft Outlook and Microsoft Exchange.

Choose Anonymous Authentication from the Logon network security drop-down menu.

Mail (Outlook) -> Microsoft Exchange
Mail (Outlook) -> Microsoft Exchange

14 In the Connection tab, check Connect to Microsoft Exchange using HTTP, then click Exchange Proxy Settings…

Mail (Outlook) -> Microsoft Exchange
Mail (Outlook) -> Microsoft Exchange

15 In the Use this URL to connect to my proxy server for Exchange field, enter outlook.office365.com.

Mail (Outlook) -> Microsoft Exchange Proxy Settings
Mail (Outlook) -> Microsoft Exchange Proxy Settings

16 Check the Only connect to proxy servers that have this principal name on their certificate, then enter msstd:outlook.com in the associated text field.

Mail (Outlook) -> Microsoft Exchange Proxy Settings
Mail (Outlook) -> Microsoft Exchange Proxy Settings

17 Make following changes:

Check the On fast networks, connect using HTTP first then connect using TCP/IP box.

Select Basic Authentication from the Use this authentication when connecting to my proxy server for Exchange drop-down menu.

Mail (Outlook) -> Microsoft Exchange Proxy Settings
Mail (Outlook) -> Microsoft Exchange Proxy Settings

18 Click OK.

Mail (Outlook) -> Microsoft Exchange Proxy Settings
Mail (Outlook) -> Microsoft Exchange Proxy Settings

19 Click OK.

Mail (Outlook) -> Microsoft Exchange
Mail (Outlook) -> Microsoft Exchange

20 Click Check Name.

Mail (Outlook) -> Add Account
Mail (Outlook) -> Add Account

21 An authentication prompt will appear. Enter your [email protected] and password form step 4 in the corresponding fields, then click OK.

Windows Security - Login
Windows Security – Login

22 Click Next >.

23 Click Finish. Your account will be setup and you can open Outlook to begin using your Exchange account.

Mail (Outlook) -> Add Account
Mail (Outlook) -> Add Account

Easy to use Web Penetration test (Pentest) Tools – OWASP Broken Web Applications Project & WebGoat

WebGoat

WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons.

It includes many typical attacks, SQL Injection, Cross-site Scripting (XSS) attack, Parameter Injection etc.

OWASP WebGoat Interface
OWASP WebGoat Interface

Download: https://github.com/WebGoat/WebGoat

Note: WebGoat require JAVA to work

OWASP Broken Web Applications Project

OWASP Broken Web Applications Project includes WebGoat, it also includes many other packages for learning and practicing Pentest on web applications.

 OWASP Broken Web Applications Project Screenshot
OWASP Broken Web Applications Project Screenshot

Official website: https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project

Download: https://sourceforge.net/projects/owaspbwa/files/

Note: OWASP Broken Web Applications Project is packed as a virtual machine. You can use VirtualBox or VMware Workstation or VMware Player to launch it, in order to get the webpage as shown above.

(VirtualBox and VMware Player is free, VMware Workstation is not free, as of this writing)