NEWYou can now listen to Fox News articles!
Phishing attacks are becoming increasingly sophisticated, and the latest scam takes exploitation of a trusted platform to a new level. Instead of sending generic or suspicious-looking emails, attackers are now abusing Apple’s iCloud Calendar invite system to deliver phishing content directly from Apple’s own email servers.
This clever tactic allows the fraudulent messages to bypass spam filters and appear more legitimate to unsuspecting users. The goal is to alarm you into calling a scammer’s fake support number under the pretense of disputing a fraudulent PayPal transaction. Once contacted, you are manipulated into granting remote access to your devices or sharing sensitive data.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
NEW EVITE PHISHING SCAM USES EMOTIONAL EVENT INVITATIONS TO TARGET VICTIMS
Scammers exploit Apple’s iCloud Calendar to deliver phishing invites that bypass spam filters. (Photographer: Brent Lewin/Bloomberg via Getty Images)
How the scam uses iCloud Calendar invites to bypass security
The heart of this scam lies in abusing Apple’s official infrastructure to lend credibility to a phishing attempt. Instead of using a suspicious or easily flagged email address, the attackers send calendar invites from Apple’s genuine domain, noreply@email.apple.com, as reported by Bleeping Computer.
The attacker embeds the phishing message in the “Notes” section of the calendar event, making it appear as a legitimate notification. They send the calendar invite to a Microsoft 365 email address they control, which is part of a mailing list. As a result, the invite is automatically forwarded to multiple real targets, broadening the scam’s reach.
Typically, when emails are forwarded, SPF (Sender Policy Framework) checks fail because the forwarding server isn’t listed as an authorized sender. However, Microsoft 365 uses a technique called the Sender Rewriting Scheme (SRS), which rewrites the return path so that the message still passes SPF checks.
This makes the email appear fully legitimate to both the recipient’s inbox and automated spam filters. As a result, the message is far more likely to reach a user’s inbox without being flagged, increasing the chance the victim will take the bait.
SCAMMERS ARE USING DOCUSIGN EMAILS TO PUSH APPLE PAY FRAUD
Cybercriminals leverage Microsoft 365 forwarding and Apple’s email domain to outsmart filters. (Lindsey Nicholson/UCG/Universal Images Group via Getty Images)
Why these phishing scams are particularly dangerous
What makes this campaign especially dangerous is the sense of legitimacy it conveys. Because Apple’s official servers send the email directly, users are far less likely to suspect foul play. The message itself aims to panic the recipient by falsely claiming a large PayPal transaction occurred without their consent. The message includes a phone number to “contact support” and dispute the charge, but in reality, it connects the victim to a scammer.
Once the victim calls the number, the scammer poses as a technical support agent and attempts to convince them that their computer has been compromised. The next step is typically to ask the victim to download remote access software, under the guise of issuing a refund or securing the account.
In reality, this access is used to steal banking information, install malware or exfiltrate personal data. Because the original message passed security checks and seemed credible, victims often don’t think twice before acting.
DON’T FALL FOR THIS BANK PHISHING SCAM TRICK
Fraudsters are hijacking iCloud Calendar invites to trick users into calling fake support lines. (Jonathan Raa/NurPhoto via Getty Images)
6 ways you can stay safe from iCloud Calendar scammers
I have listed some useful steps you can take to protect yourself from falling victim to these increasingly sophisticated phishing scams:
1) Treat unexpected calendar invites with caution
If you receive an unexpected calendar invite, especially one containing a strange message or alarming claims, don’t open it or respond. Legitimate companies rarely send payment disputes or security warnings through calendar invites. Always verify suspicious claims by logging into your official account directly.
2) Avoid calling numbers listed in emails or calendar invites
Phishing scams often include phone numbers that connect you to fraudsters posing as support agents. Instead of calling the number in the message, use official contact details found on the company’s official website.
3) Install trusted antivirus software
Antivirus programs protect your computer from malware and phishing sites by blocking suspicious downloads and warning you about unsafe websites.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Also, keeping your antivirus updated ensures it can defend against the latest threats.
Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.
4) Remove your personal data from public listings
Hackers are able to send you these phishing emails because they have your data. Using a personal data removal service helps scrub your personal information from data broker websites. This makes it significantly harder for attackers to gather details about you and craft convincing, targeted phishing attacks.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.
5) Use a password manager
A password manager helps you generate and securely store strong, unique passwords for every account. This reduces the risk of reusing weak passwords that scammers can easily exploit to gain unauthorized access to your accounts.
Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.
6) Keep software and systems updated
Regularly updating your operating system, browser,
and applications helps patch security vulnerabilities that attackers often exploit in phishing scams. Staying current with updates minimizes your exposure to known threats.
CLICK HERE TO GET THE FOX NEWS APP
Kurt’s key takeaway
Scammers are taking phishing attacks in a disturbing new direction by manipulating trusted platforms to deliver malicious content. The safest approach is to treat any unexpected calendar invite, especially those with alarming messages or strange contact numbers, with extreme caution. Never call the number provided in the message or click on any links. Instead, go directly to official websites or your account’s official dashboard to verify suspicious activity.
Have you ever been targeted by a phishing scam disguised as an official message? Let us know by writing to us at Cyberguy.com.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
Copyright 2025 CyberGuy.com. All rights reserved.
