iCalendar, commonly stored in .ics files, is a standard format for exchanging calendar events between mail clients, calendars, and scheduling systems. It can describe meeting times, locations, attendees, reminders, and links, which makes it useful for legitimate business scheduling.
In cyber security, the same convenience can be abused as a delivery mechanism for phishing. An attacker may send a crafted invite that looks routine, but contains a malicious link or steers the victim toward a login prompt, file download, or other follow-up action. Because calendar invitations often appear in trusted productivity workflows, they may bypass casual suspicion more easily than a plain email. Defenders should inspect unexpected invites, filter dangerous links in event content, and monitor for sign-in activity that follows a suspicious calendar request.



