Invitation to Trouble: The Rise of Calendar Phishing Attacks
Essential information
- Published
- 19/02/2026 15:26
- Modified
- 19/02/2026 18:13
- Tags
- 2026-02-19 calendar phishing corporate targeting credential-theft email spoofing fake invitations google microsoft social engineering
- Related entities
- 7 observables, 4 techniques (mitre), 8 others
Description
A new phishing tactic involving fake Microsoft and Google Calendar invites has been identified, aimed at stealing login credentials. These sophisticated attacks mimic designs from well-known platforms, exploiting routine business activities like scheduling meetings. Threat actors use email spoofing and create fake urgent calendar invitations to deceive employees. The phishing emails often contain buttons or links that redirect to fake login pages, closely resembling official Microsoft or Google login screens. The campaigns exploit the popularity of calendar invitations in corporate environments, allowing attackers to gather sensitive information if users are not vigilant. To prevent falling victim to these attacks, it is crucial to verify the authenticity of calendar invites, carefully check sender details, and avoid clicking suspicious links from unknown senders.