A .ics file is an iCalendar event file used to exchange calendar information such as meeting invitations, reminders, and recurring events. Email clients and calendar apps can open it as an attachment or import it as a scheduled item, which makes it a common way to distribute invites across platforms.
In cyber security, .ics files matter because attackers can abuse the trust users place in calendar workflows. A malicious invite may carry a phishing link, hidden organizer details, or content that creates a persistent calendar entry even after the email is deleted. That persistence can make cleanup harder and can move the lure out of normal email defenses. Defenders should treat unexpected .ics attachments like any other untrusted file: inspect the sender, review embedded links, and remove both the message and the calendar artifact when needed. Monitoring calendar permissions and limiting automatic event imports can also reduce risk.