Microsoft Calendar Invite Scams

phishing scam

Despite increasing awareness of phishing and spam, malicious Microsoft calendar invite scams continue to catch users off guard.  These deceptive emails, disguised as legitimate Microsoft 365 or Outlook events, are flooding inboxes, and worse, automatically appearing in calendars without user consent.

Users across various forums, including Microsoft Answers, have recently reported being inundated with suspicious renewal emails and calendar appointments that appear to come from Microsoft.  However, these invites are often sent from what appear to be legitimate email addresses.

What makes the scam particularly sneaky is its use of auto-sync features in platforms like Outlook and Microsoft 365.  These features can cause external calendar invites to appear in your schedule automatically, meaning you don’t have to accept anything for the scam to appear on your calendar.

Once added, the invitations generally include:

  • Phishing links to fake Microsoft login pages

  • Urgent messages prompting you to act immediately

  • Attachments that may contain malware

At BizWiseIT, we recommend the following proactive measures to defend against these scams:

Don’t Interact with Suspicious Invites

Clicking, replying to, or even declining the invitation can signal that your email address is active, potentially inviting more spam.  Delete these messages immediately and remove them entirely from your Deleted Items as well.

Report and Remove

Flag suspicious emails or invites to your IT or security team and delete them from both your inbox and calendar. You can also report them directly to Microsoft by forwarding the suspicious email as an attachment to phishatoffice365.microsoft.com (phish[at]office365[dot]microsoft[dot]com).  

Always Verify the Sender

Verify that the sender’s email address matches official Microsoft domains.  If something looks off, it probably is.

Adjust Calendar Settings

Turn off automatic event additions in your Outlook or calendar settings:

  • Go to Settings > View All Outlook Settings > Calendar > Events from Email

  • Uncheck “Automatically add events”

Strengthen Security Measures

Enable multi-factor authentication (MFA) and ensure your device’s operating system and software are regularly updated to close off potential entry points.

Be Wary of Urgency

Scammers often use pressure tactics — such as claiming your Microsoft 365 subscription is about to expire — to manipulate users into clicking quickly.  Take a breath and investigate first.

If You’ve Already Clicked

If you’ve engaged with a suspicious invite or link:

  • Change your Microsoft account password immediately

  • Run a full malware scan using trusted antivirus software

  • Report the incident to Microsoft 

As cyberthreats evolve, so must our vigilance.  We encourage businesses and individuals to take these risks seriously — and to stay informed, updated, and alert.

If you require any assistance strengthening your organisation’s IT security, get in touch.  We are always happy to help local businesses across the Crawley, Gatwick, and West Sussex region stay safe online. 

Photo Credit: Image by Freepik https://www.freepik.com/