A sophisticated cyberattack is targeting Gmail users through fraudulent, unsolicited Google Calendar notifications. The campaign takes advantage of a common default feature for people using Gmail on their smartphone: Calendar invites automatically pop up on phones, prompting users to accept or decline them. The attack vector can also be used for other malicious activities, such as getting users to click on a link that downloads malware. Similar attacks have been seen using notifications from Google Photos, Google Hangouts and even commercial services like Google Analytics to attack targets.
Source: https://threatpost.com/google-calendar-attacks-mobile/145588/