Calendar Invite Phishing: The Vector Nobody Saw Coming

Calendar invite phishing exploits a trusted UI surface. Here is how the attack works, why it succeeds, and what defenses actually catch it.

Calendar invite phishing has emerged as one of the more interesting attack vectors of the last few years. The attack exploits a UI surface that users trust implicitly: the calendar. The technical mechanism is simple, the success rate is real, and the defenses are still maturing. This post is a realistic guide to the pattern.

How the Attack Works

The technical mechanism:

Step one: send an email with an ICS attachment. ICS (iCalendar) is the standard format for calendar invitations. Every modern email client parses ICS attachments and offers to add the meeting to the user’s calendar. Some clients do this automatically; others prompt the user.

Step two: rely on auto-add behavior. Outlook, Gmail, and Apple Mail all have configurations that automatically add calendar invitations to the user’s calendar. The user does not have to click “accept.” The meeting just appears.

Step three: include malicious content in the invite. The ICS file’s “description” field can contain URLs, formatted text, and attachments. The “location” field can be a URL. The user opens their calendar to see the meeting and clicks one of these elements.

Step four: collect the click or the credential. The attacker’s payload is whatever they planned: credential phishing on a fake login page, malware download, fraudulent payment instruction, or social-engineering follow-up.

The attack is structurally similar to attachment-based phishing, but the calendar surface gives it an unusual position in the user’s awareness. The user is not opening an email and clicking a link. The user is opening their calendar and clicking what looks like meeting materials. The mental model is different.

Why It Succeeds

Three reasons explain why calendar invite phishing has gained traction.

The calendar UI is a trusted surface. Users have had calendars for decades. The interface is familiar, the meeting entries look like meetings, and the user’s mental model treats the calendar as authoritative. An attack that lives in the calendar is harder to spot because the user is not in evaluating-mail mode.

Auto-acceptance bypasses evaluation. When the calendar invite is added automatically, the user’s normal email-evaluation step is skipped. They never decided to engage; the engagement happened to them. Some users do not realize the meeting is in their calendar until they look at it days later.

Calendar invites embed engagement vectors. Real meeting invites legitimately contain URLs (Zoom links, Teams links, Slack channels), attachments (agendas, supporting documents), and contact information. The user is conditioned to click these elements when preparing for a real meeting. The attack exploits the conditioning.

What Standard Defenses Do and Do Not Do

A typical user’s defenses against calendar invite phishing:

Native Gmail and Outlook filtering. Catches the obvious mass-volume version where the calendar attachment is technically malformed or the sender is on a blacklist. Targeted versions where the invite is structurally clean often pass.

Anti-phishing protection (Defender, Workspace Advanced Protection). URL rewriting applies to URLs in the invite description if the product is configured to scan calendar attachments. Coverage is uneven across products and configurations.

User awareness. Trained users learn to be suspicious of meetings they did not arrange. The training is genuinely useful but produces partial results because the auto-acceptance pattern bypasses the user’s evaluation step before they can be skeptical.

Calendar-side controls. Some calendar platforms allow users to disable auto-acceptance of calendar invites from external senders. The configuration is buried in settings most users never visit. Enabling it is high-impact and low-cost.

The honest summary: most standard defenses catch some calendar invite phishing but not all. Targeted versions engineered to look like legitimate meetings often pass.

Practical Defenses That Actually Help

Disable auto-acceptance of external calendar invites. In Outlook on the web, Settings > Calendar > Events from email > toggle off the auto-add. In Workspace, Calendar Settings > Event settings > “Add invitations to my calendar” > “When I respond to the invitation in email” rather than “From everyone.” The settings are buried but the change is durable.

Treat unexpected calendar entries with suspicion. A meeting that appeared in your calendar that you did not arrange is suspicious by default. Verify with the apparent organizer before clicking anything in the invite. Use a known phone number or messaging channel; do not reply to the invite itself.

Inspect calendar entries for unusual elements. Look for strange URLs in the location field, attachments you do not recognize, agendas you did not request, or organizers you do not know. Any of these signals warrants scrutiny.
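The checks above can be run against the ICS attachment itself before it ever reaches a calendar. The following Python is an added example written for this post; it is not Rythm's code and does not describe any particular campaign. It unfolds the RFC 5545 line format, pulls out the organizer, location, description and attachment properties, and reports the signals listed above: an organizer outside a trusted domain set, a URL where a place should be, links whose host matches neither the organizer nor a trusted domain, and any attachments. The known-senders list plays the role of the guest list described later in this post. Both sample invites, every domain name, and the trusted-domain set are constructed for illustration.

```python
"""Inspect an iCalendar (ICS) invitation for the elements the post says to scrutinise.

Added example, not Rythm's code. Domain names, the trusted-domain set and both
sample invites below are constructed for illustration.
"""
import re
from urllib.parse import urlparse

URL_RE = re.compile(r"https?://[^\s<>\"']+")

# Constructed suspicious invite: external organizer, URL in LOCATION,
# a link in DESCRIPTION folded across two lines, and an ATTACH property.
SUSPICIOUS_ICS = "\r\n".join([
    "BEGIN:VCALENDAR",
    "VERSION:2.0",
    "PRODID:-//Constructed sample//EN",
    "METHOD:REQUEST",
    "BEGIN:VEVENT",
    "UID:constructed-0001@vendor-invoices.example",
    "ORGANIZER;CN=\"Accounts Payable\":mailto:ap@vendor-invoices.example",
    "SUMMARY:Q3 invoice review",
    "LOCATION:https://vendor-invoices.example/portal/login",
    "DESCRIPTION:Agenda and portal access\\, see",
    "  https://docs-share.example/agenda (the first space is the fold marker)",
    "ATTACH;FMTTYPE=application/pdf:https://docs-share.example/agenda.pdf",
    "DTSTART:20260301T150000Z",
    "DTEND:20260301T153000Z",
    "END:VEVENT",
    "END:VCALENDAR",
])

# Constructed benign invite: internal organizer, a room, an internal meeting link.
BENIGN_ICS = "\r\n".join([
    "BEGIN:VCALENDAR",
    "VERSION:2.0",
    "METHOD:REQUEST",
    "BEGIN:VEVENT",
    "UID:constructed-0002@corp.example",
    "ORGANIZER;CN=Dana:mailto:dana@corp.example",
    "SUMMARY:Weekly sync",
    "LOCATION:Room 4B",
    "DESCRIPTION:Join at https://meet.corp.example/weekly",
    "DTSTART:20260302T090000Z",
    "DTEND:20260302T093000Z",
    "END:VEVENT",
    "END:VCALENDAR",
])


def unfold(ics_text):
    """Undo RFC 5545 line folding: a line starting with SPACE or TAB continues the previous one."""
    lines = []
    for raw in ics_text.splitlines():
        if raw[:1] in (" ", "\t") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines


def unescape_text(value):
    """Reverse the TEXT escapes (\\, \\; \\n \\\\) used in DESCRIPTION, SUMMARY and LOCATION."""
    return re.sub(r"\\([\\;,nN])", lambda m: "\n" if m.group(1) in "nN" else m.group(1), value)


def _split_name_value(line):
    """Split 'NAME;PARAM="v:v":value' at the first ':' that is outside double quotes."""
    in_quotes = False
    for i, ch in enumerate(line):
        if ch == '"':
            in_quotes = not in_quotes
        elif ch == ":" and not in_quotes:
            return line[:i], line[i + 1:]
    return line, ""


def parse_properties(ics_text):
    """Map upper-cased property name -> list of raw values (parameters are dropped)."""
    props = {}
    for line in unfold(ics_text):
        head, value = _split_name_value(line)
        name = head.partition(";")[0].upper()
        props.setdefault(name, []).append(value)
    return props


def host_is_trusted(host, trusted_domains):
    host = host.lower()
    return any(host == d or host.endswith("." + d) for d in trusted_domains)


def inspect_invite(ics_text, trusted_domains, known_senders=()):
    """Return human-readable findings for one invite; an empty list means nothing stood out."""
    props = parse_properties(ics_text)
    findings = []
    method = (props.get("METHOD") or [""])[0].upper()
    organizer = (props.get("ORGANIZER") or [""])[0].lower().removeprefix("mailto:")
    org_domain = organizer.rpartition("@")[2]
    external = bool(organizer) and not host_is_trusted(org_domain, trusted_domains) \
        and organizer not in known_senders
    if external:
        findings.append(f"ORGANIZER {organizer} is external and not a known contact")
        if method == "REQUEST":
            findings.append("METHOD:REQUEST from an external organizer: a candidate for silent auto-add")
    for loc in props.get("LOCATION", []):
        if URL_RE.fullmatch(unescape_text(loc).strip()):
            findings.append(f"LOCATION is a URL rather than a place: {loc}")
    for field in ("DESCRIPTION", "LOCATION", "ATTACH", "URL"):
        for raw in props.get(field, []):
            for url in URL_RE.findall(unescape_text(raw)):
                host = urlparse(url).hostname or ""
                if not host_is_trusted(host, trusted_domains) and host != org_domain:
                    findings.append(f"{field} links to {host}, which matches neither the organizer nor a trusted domain")
    if props.get("ATTACH"):
        findings.append(f"invite carries {len(props['ATTACH'])} ATTACH propert(y/ies)")
    return findings


if __name__ == "__main__":
    for label, ics in (("suspicious", SUSPICIOUS_ICS), ("benign", BENIGN_ICS)):
        print(label, inspect_invite(ics, {"corp.example"}))
```

Run as a script it prints six findings for the constructed suspicious invite and none for the benign one. The parser is deliberately minimal (no VALARM handling, no quoted-parameter edge cases beyond the colon rule), so treat it as a triage filter that decides whether a human looks at the invite, not as a replacement for the mail-security product's own attachment scanning.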

Use external-sender warnings. Enable warnings for calendar invites from external domains. Workspace and Microsoft 365 both offer these, often disabled by default.

Train staff specifically. Generic phishing training rarely covers calendar invite phishing. A specific module on the pattern is high-impact for the staff most likely to encounter it (executives, admins, anyone with public-facing meeting workflows).

Where an Inbox-Layer Filter Fits

Calendar invites still arrive as email messages with ICS attachments, so inbox-layer filtering applies:

Mass calendar invite phishing. A 1,000-recipient mass campaign sending fake meeting invites becomes uneconomical when each recipient costs four cents. The mass version of the attack does not run.

Unknown-sender calendar invites. A calendar invite from a sender not on the user’s guest list goes through the cover-charge gate or the held-for-review folder. The user sees the invite as held mail rather than as an auto-added calendar entry. The handling is more conservative than auto-acceptance.

Targeted calendar invite phishing. A precision attack from a sender willing to pay the cover charge or impersonating a sender on the guest list still arrives. The cover-charge gate does not solve the targeted case. When the impersonator pays, the invite arrives with a PAID label, which is itself a useful signal: anyone the user already meets with regularly would be on their guest list and would not pay a cover charge to schedule a meeting.

A Specific Honest Note

Calendar invite phishing is a real and growing attack vector that exploits a UI surface most users do not think of as a phishing channel. The defenses are still maturing because the pattern is relatively new.

The most impactful single defense is disabling auto-acceptance of external calendar invites. This change costs nothing and substantially reduces the attack surface. For organizations with admin functions, configuring the policy at the tenant level is even better.

Rythm’s role is to reduce the volume of mass-volume calendar invite phishing reaching users by making the campaign math uneconomical. The targeted version still requires user awareness and procedural defenses.

For the related guides, see the anatomy of a modern phishing email, vendor impersonation: the quiet phishing vector nobody talks about, and phishing awareness training: what it catches and what it misses. For the broader frame, see why phishing emails are getting harder to spot in 2026 and what is BEC. Rythm is $1.65 per month, cancel anytime.
