SPAM email forwarded via Google Agenda using Outlook ics file (never seen before)


X

x509

Well-known member
Member
VIP
Local time
5:27 AM
Posts
672
Location
Western USA
OS
Windows 11 2H25
My bitdefender Anti-spam did not let me submit this email to Bitdefender because the email came from Google Agenda. Here is a screenshot of the attached Outlook .ics (calendar entry) fil

1778539528494.webp
This is the first time I have seen Outlook Calendar being used as a malware vector.
 

My Computer

System One

  • OS
    Windows 11 2H25
    Computer type
    PC/Desktop
    Manufacturer/Model
    DIY
    CPU
    AMD 9900X
    Motherboard
    MSI X870E Carbon
    Memory
    64 GB
    Graphics Card(s)
    AMD 9070 XT
    Sound Card
    built-in
    Monitor(s) Displays
    Dell 24"
    Hard Drives
    Sabrent 1 TB NVMe, 4 x SSD (need to check models), 4 x 3.5" HDD, 8-16 TB, all WD
    PSU
    Seasonic 850
    Case
    Fractal Design North XL (which I likw)
    Cooling
    Corsair AIO for CPU, fans for case
    Keyboard
    Das Keyboard 4
    Mouse
    Corsair M65 (white)
    Internet Speed
    1 TB download
    Browser
    Firefox
    Antivirus
    Bitdefender
    Other Info
    Also have Lenovo T14S laptop (me) and Lenovo Slim 71 (wife)
It would be more helpful and instructional if you post the email image (appropriately redacted) along with the From/Reply-To headers.

Based on your description, it sounds like you received a Google Calendar invite, but received it in your Outlook client, so the event wasn't added to either Google Calendar or Outlook Calendar.

Calendar invites (Google Calendar, Outlook/Exchange) can contain malicious links or attachments and are used in phishing and malware campaigns.
 

My Computer

System One

  • OS
    Windows 11 Pro 25H2
    Computer type
    PC/Desktop
echo2446 said:
It would be more helpful and instructional if you post the email image (appropriately redacted) along with the From/Reply-To headers.
Click to expand...

Can you give me an example.
echo2446 said:
Based on your description, it sounds like you received a Google Calendar invite, but received it in your Outlook client, so the event wasn't added to either Google Calendar or Outlook Calendar.
Click to expand...

Yes.
echo2446 said:
Calendar invites (Google Calendar, Outlook/Exchange) can contain malicious links or attachments and are used in phishing and malware campaigns.
Click to expand...
Ok, but this is the first time I have seen apparent malware embedded in an Outlook ICS file.
 

My Computer

System One

  • OS
    Windows 11 2H25
    Computer type
    PC/Desktop
    Manufacturer/Model
    DIY
    CPU
    AMD 9900X
    Motherboard
    MSI X870E Carbon
    Memory
    64 GB
    Graphics Card(s)
    AMD 9070 XT
    Sound Card
    built-in
    Monitor(s) Displays
    Dell 24"
    Hard Drives
    Sabrent 1 TB NVMe, 4 x SSD (need to check models), 4 x 3.5" HDD, 8-16 TB, all WD
    PSU
    Seasonic 850
    Case
    Fractal Design North XL (which I likw)
    Cooling
    Corsair AIO for CPU, fans for case
    Keyboard
    Das Keyboard 4
    Mouse
    Corsair M65 (white)
    Internet Speed
    1 TB download
    Browser
    Firefox
    Antivirus
    Bitdefender
    Other Info
    Also have Lenovo T14S laptop (me) and Lenovo Slim 71 (wife)

My Computer

System One

  • OS
    Windows 11 2H25
    Computer type
    PC/Desktop
    Manufacturer/Model
    DIY
    CPU
    AMD 9900X
    Motherboard
    MSI X870E Carbon
    Memory
    64 GB
    Graphics Card(s)
    AMD 9070 XT
    Sound Card
    built-in
    Monitor(s) Displays
    Dell 24"
    Hard Drives
    Sabrent 1 TB NVMe, 4 x SSD (need to check models), 4 x 3.5" HDD, 8-16 TB, all WD
    PSU
    Seasonic 850
    Case
    Fractal Design North XL (which I likw)
    Cooling
    Corsair AIO for CPU, fans for case
    Keyboard
    Das Keyboard 4
    Mouse
    Corsair M65 (white)
    Internet Speed
    1 TB download
    Browser
    Firefox
    Antivirus
    Bitdefender
    Other Info
    Also have Lenovo T14S laptop (me) and Lenovo Slim 71 (wife)
You must log in or register to reply here.

Latest Support Threads

Latest Tutorials

Back
Top Bottom