Invitation to Trouble: The Rise of Calendar Phishing Attacks

The Cofense Phishing Defense Center observed phishing campaigns leveraging spoofed Microsoft and Google Calendar invitations to harvest user credentials. Attackers use visually convincing calendar buttons and messages (including urgent language) that redirect victims to fake Microsoft login pages hosted on non-Microsoft domains; the report lists multiple infection and payload URLs and associated IP addresses observed in these campaigns and warns organizations to scrutinize sender addresses and links to prevent credential theft.