Security Tips

When Phishing Hits Your Calendar

Most of us are familiar with phishing through emails, SMS messages, or phone calls. What many people don’t realise is that phishing attempts can also appear directly in our calendars.

Meeting‑invite phishing is a social engineering technique where attackers send malicious calendar invitations to users’ inboxes. These fake invitations are designed to appear legitimate and may resemble well‑known or routine calendar events. Because calendar event files are commonly used and trusted by our email and calendar/scheduling applications, most security scanning solutions may not inspect them, as they do not inherently appear dangerous. But in fact, they are!

The aim of such attempts is malicious: to obtain user credentials, deliver malware, or trick users into joining fake meetings. In some cases, default calendar settings automatically add invitations without user approval, resulting in tentative events being created even if the email was never opened. Such invites will generally contain an attachment, a link or a QR code, and the malicious action (such as a malicious download) occurs once the user interacts with it.

How to Recognise Suspicious Calendar Invites

As with other phishing attempts, meeting‑invite phishing often includes:

  • A sense of urgency or alarm
  • An unexpected invitation with no prior communication, context, or agenda

Users should be particularly cautious of:

  • Unfamiliar or unusual meeting titles
  • Meetings scheduled at odd hours or in unfamiliar time zones
  • Invitations from unknown or unexpected email addresses
  • Calendar invite emails containing attachments
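
For mail administrators and security teams, the warning signs above can be checked automatically on the calendar event file (.ics) carried by an invite. The script below is an added example, not part of the original tips; it parses the event and lists which signs are present. The trusted domain, expected time zone, working hours, urgency words and sample invite are all constructed assumptions, and QR codes embedded in images are not examined.

```python
import re

TRUSTED_DOMAINS = {"example.org"}   # assumption: your organisation's mail domains
EXPECTED_TZIDS = {"Europe/Malta"}   # assumption: time zones you normally meet in
WORK_HOURS = range(7, 20)           # assumption: 07:00-19:59 is a normal meeting time
URGENT = re.compile(r"\b(urgent|immediately|action required|suspended)\b", re.I)
LINK = re.compile(r"https?://[^\s\\<>\"]+", re.I)
PROP = re.compile(r'^([\w-]+)((?:;(?:"[^"]*"|[^":;])*)*):(.*)$')  # NAME;params:value

def parse_events(text):
    """Unfold RFC 5545 lines; return (NAME, params, value) for VEVENT properties."""
    unfolded = re.sub(r"\r?\n[ \t]", "", text)
    body = "\n".join(re.findall(r"BEGIN:VEVENT.*?END:VEVENT", unfolded, re.S | re.I))
    matches = (PROP.match(line) for line in body.splitlines())
    return [(m[1].upper(), m[2], m[3]) for m in matches if m]

def triage_invite(text):
    """Return the warning signs found in one calendar invite."""
    findings = []
    for name, params, value in parse_events(text):
        if name == "ATTACH":
            findings.append("attachment")
        elif name in ("DESCRIPTION", "LOCATION", "URL") and LINK.search(value):
            findings.append("link in " + name.lower())
        elif name == "SUMMARY" and URGENT.search(value):
            findings.append("urgent wording in title")
        elif name == "ORGANIZER":
            domain = value.rpartition("@")[2].lower()
            if domain not in TRUSTED_DOMAINS:
                findings.append("unexpected sender domain " + domain)
        elif name == "DTSTART":
            tzid = re.search(r"TZID=([^;:]+)", params)
            if tzid and tzid[1] not in EXPECTED_TZIDS:
                findings.append("unfamiliar time zone " + tzid[1])
            clock = re.search(r"T(\d\d)", value)  # hour as written, not converted
            if clock and int(clock[1]) not in WORK_HOURS:
                findings.append("odd hour")
    return findings

SAMPLE = r"""BEGIN:VCALENDAR
BEGIN:VEVENT
ORGANIZER;CN="IT Support: Helpdesk":mailto:helpdesk@example.net
DTSTART;TZID=Pacific/Kiritimati:20250110T023000
SUMMARY:URGENT: mailbox suspended
DESCRIPTION:Sign in to keep your account\n https://login.example.net/ver
 ify
ATTACH;FMTTYPE=application/pdf:https://files.example.net/notice.pdf
END:VEVENT
END:VCALENDAR"""  # constructed sample invite, not taken from a real message
```

Calling `triage_invite(SAMPLE)` returns six findings for the constructed invite. An invite that triggers none of the checks returns an empty list.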

How to Protect Yourself

To reduce the risk of calendar‑based phishing attacks, users are advised to:

  • Review and update calendar settings to prevent events from being added automatically
  • Restrict calendar access to trusted senders and approved applications
  • Use multi-factor authentication on your accounts. Enabling it mitigates the impact of an attempt to steal credentials.

If you receive a suspicious calendar invitation:

  • Do not click on any links
  • Do not open attachments
  • Do not reply to the invitation
  • Delete the event and block the sender

Think twice next time a strange meeting appears in your calendar!  It may be more than just a simple invite!