How is this possible? Fairly simple.
Sample screenshot of the fraudulent Google Calendar invitation:
Therefore, by automating the process of sending Calendar Invites, 419 advance fee scammers or virtually any type of scammers, are directly syndicating their fraudulent ‘proposals’ with the Android devices of their prospective victims. The tactics greatly remind us of known cases where 419 advance fee scammers are known to have abused Dilbert.com and NYTimes.com’s “Email This” feature in an attempt to successfully bypass anti-spam filters.
Due to the ease of registering tens of thousands of Google Accounts, or actually buying access to pre-registered accounts, we expect that this practice will continue, with the fraudsters behind it eventually shortening the time frame between the invitation and the actual event, to achieve a near real-time ‘reminder’ notification for a Calendar Event.