Most people think phishing arrives through email or text messages. But a newer method delivers the attack through your calendar.
Attackers send a Calendar file or meeting invite that looks legitimate. Once it is accepted, the event is automatically added to your schedule, along with a link that leads to a malicious site.
This is especially dangerous because calendars feel trustworthy. The event appears next to real meetings, and the link looks like a normal part of your daily routine.
Why it works:
- It raises less suspicion than a typical email
- The event stays in the calendar for days
- People click under pressure, right before a meeting
How to stay safe:
- Do not accept unexpected invites
- Check who sent the event
- Be cautious with links inside meeting descriptions
- Verify any link with an anti phishing app before clicking
Phishing no longer lives only in your inbox. It is now inside your schedule.
