HelpDesk

Students
Google
Name Change
Aspen
Staff
Certify
Parent Square for staff
Other
Wifi
Aspen
Google
Phones and Voicemail
How to use Follow Me Print / Papercut on a Ricoh
Talented
PLP
Name Change
Projectors
Intern Accounts
Parents
Google
Activity Portal
Parent Square for Parents
Aspen

Prevent Calendar Injections

Creation date: 1/23/2026 9:32 AM Updated: 1/23/2026 11:02 AM calendar google

Calendar Injection (also known as Calendar Spam) is a tactic where attackers bypass traditional email spam filters by placing malicious or unwanted events directly onto a user's calendar.

How to Stop It (User Level)

You need to change two specific settings in the user's Google Calendar to prevent this from happening again.

Step 1: Stop Auto-Adding Invites

Open Google Calendar on a desktop.
Click the Gear Icon (Settings) > Settings.
On the left sidebar, click Event settings.
Find the dropdown for "Add invitations to my calendar."
Change this setting to: "When I respond to the invitation in email."
- Note: You can also choose "Only if the sender is known," but the option above is the safest lock-down method.

Step 2: Stop Events from Gmail

In the same Settings menu, look for Events from Gmail.
Uncheck the box that says "Show events from Gmail"
It will warn you that you will no longer see auto-generated events (like flight confirmations). Confirm by clicking OK.

DataImage80.png