Fake Malwarebytes Renewal Invites Distributed via Malicious Calendar Files

Cybercriminals are sending calendar invitations that mimic Malwarebytes renewal reminders. The invites contain a malicious .ics file; when a user accepts the event, the file automatically opens a hidden link that redirects to a spoofed Malwarebytes login page designed to harvest credentials.

The attack can lead to credential theft, unauthorized access to corporate endpoints, and potential lateral movement if reused passwords are present. Defenders should monitor for unexpected calendar invites, block or inspect .ics attachments, and educate users to verify renewal notices through official channels rather than clicking embedded links.

Categories: Threat Intelligence, Security Culture & Human Factors

Source: Read original article