Prevent pfishing calendar items

Question

Prevent pfishing calendar items

Jay Gourley 61

Update: This problem still exists as of 5 Nov 2025, Outlook Ver. 16.0.19328.20158.

Is there no option in Outlook to prevent unwanted meeting invitations from being inserted into my Outlook calendar without my knowledge or consent? The only option I see is a choice among Automatically Accept, Automatically Decline Recurring Meetings, and Auto Decline Meetings that Conflict.

Lately I've been receiving two or three phishing attempts per week in the form of meeting invitations. Deleting them from the inbox does not prevent the calendar item from added to my calendar, whether or not the invitation message was opened. In other words, merely receiving the invitation adds it to my calendar. After the invitation message is permanently deleted, the calendar item remains. If I notice it, I can delete it. But phishing attacks are becoming steadily more sophisticated. I don't want those links in my Exchange mailbox. And I don't want to keep searching my calendar to delete them.

Hornblower409 2,680 Reputation points

2025-10-26T10:40:15.41+00:00

Is your question similar to this thread?
https://dori-uw-1.kuma-moon.com/en-us/answers/questions/4759640/assistance-needed-to-revert-automatic-meeting-proc
Jay Gourley 61 Reputation points

2025-10-26T14:56:17.4233333+00:00

Yes, Hornblower409-4652. It's exactly that issue. Thanks for the link. I gather the issue posted there by Anonymous and here by me is not universal as I originally supposed.

It does not resolve my issue though. As you see from that thread, it is closed and was left unresolved. Like Anonymous, all my settings accord with the recommended "solution," which is not really a solution.

The thread at the link you posted ends with a transfer to a private conversation. That may hold a solution. I don't know since I don't have access.

Assuming the issue is not universal, I worry even more about it. While the issue applies to all meeting invitations, the majority in my case are clearly from nefarious sources wishing to take control of my computer.

3 answers

Your answer

Hornblower409 2,680 Reputation points

2025-10-26T10:40:15.41+00:00

Is your question similar to this thread?
https://dori-uw-1.kuma-moon.com/en-us/answers/questions/4759640/assistance-needed-to-revert-automatic-meeting-proc
Jay Gourley 61 Reputation points

2025-10-26T14:56:17.4233333+00:00

Yes, Hornblower409-4652. It's exactly that issue. Thanks for the link. I gather the issue posted there by Anonymous and here by me is not universal as I originally supposed.

It does not resolve my issue though. As you see from that thread, it is closed and was left unresolved. Like Anonymous, all my settings accord with the recommended "solution," which is not really a solution.

The thread at the link you posted ends with a transfer to a private conversation. That may hold a solution. I don't know since I don't have access.

Assuming the issue is not universal, I worry even more about it. While the issue applies to all meeting invitations, the majority in my case are clearly from nefarious sources wishing to take control of my computer.

Answer 1

Jay Gourley 61

I originated this issue. From the link in the comment added by Hornblower409-4652, I now assume this issue is not universal.

However, that link begun by "Anonymous," 26 June 2025, does not solve the issue. It is closed and ends unresolved with a transfer to a private conversation. Like Anonymous, all my settings accord with those in the "solution" that is not a solution.I am more worried about this issue now that I believe it is not universal. Most of the calendar items created (they are coming weekly now) are phishing attempts that I assume are nefarious.

Hornblower409 2,680 Reputation points

2025-10-26T15:59:04.8233333+00:00

If you have your Accept/Decline settings configured correctly and new events are still being auto added to your calendar, I can only suggest that you bring in Microsoft Support to have them look at your specific situation.
https://dori-uw-1.kuma-moon.com/en-us/microsoft-365/admin/get-help-support
Jay Gourley 61 Reputation points

2025-10-26T16:56:14.3833333+00:00

Thanks, Hornblower409-4652. I'm not that desperate yet. My opinion is not to be taken as authoritative, but I think support Microsoft offers home users through that link is only for people who are computer illiterate. I am far from an expert and every service assistant in Microsoft home-user support that I've encountered knew less than me about the product he was supporting.
Hal Hostetler MVP-Outlook 11,696 Reputation points MVP Volunteer Moderator

2025-10-26T17:21:49.96+00:00

FWIW, this issue has been reported to Outlook Engineering, they are aware of the problem, and are investigating it.
Jay Gourley 61 Reputation points

2025-10-26T18:21:53.71+00:00

Good to know. Thumb up. Is there a way for me to follow it. I'd hate to live with this for 10 years, then find out there was an easy fix available back on 26 Oct 2025.
Jay Gourley 61 Reputation points

2025-10-28T16:10:19.4566667+00:00

Hal Hostetler, would it help Outlook Engineering to see the phishing calendar invitations? Before I saw your post about Outlook Engineering, I was permanently deleting the invitations and calendar items. I received a new one today that I still have and can share. For obvious reasons, I don't want to attach the attack here.
Hal Hostetler MVP-Outlook 11,696 Reputation points MVP Volunteer Moderator

2025-10-28T17:17:00.49+00:00

I and several other Outlook MVPs have experienced the issue, reported it to the engineering folks, and provided data. If you wish to report the issue yourself, for Classic Outlook go to Help > Contact Support and send them your data.
Patrick Norton 0 Reputation points

2025-11-08T17:52:32.44+00:00

I also have this issue and had started a separate thread. I cannot find a way to submit data to support (I want them to know ore & more people have this issue). When I go to help in Outlook, I type in something like "Calendar pfishing" and it gives me links to Microsoft Q&A articles on the web but no way to actually contact anyone. Not sure how else to help this get traction.
Hal Hostetler MVP-Outlook 11,696 Reputation points MVP Volunteer Moderator

2025-11-08T18:17:32.12+00:00

To report problems to the Outlook Engineering folks:

In Classic Outlook, Help > Contact Support:

In Outlook New, **Help > Support:
Jay Gourley 61 Reputation points

2025-11-08T18:46:50.9233333+00:00

It's a sign of the times. It's not just Microsoft. The new paradigm is that when a product is releases, solutions to user problems are on the web. Product support is segregated and left to AI bots (and communities like this). Escalation is a bygone concept. Human tech support is theater. Its function is talk therapy for frustrated customers and to be human punching bags when the solutions aren't found.
Hornblower409 2,680 Reputation points

2025-11-18T03:24:18.77+00:00

@Jay Gourley

How desperate are you?

If you're not in an IT Managed environment where you can use Mail Flow Rules, I can envision some Outlook VBA code (that triggers on any new Calendar entry), examines it, and trashes anything it doesn't like. It could be based on something like this one that examines any new Calendar entries and changes the Reminder.

https://www.slipstick.com/developer/reminder-all-day-events/

Answer 2

If you are in an IT Managed environment there are Mail Flow Rules that your IT Admin can implement that will block all external Calendar invites (with specific exceptions).

https://dori-uw-1.kuma-moon.com/en-us/answers/questions/5558001/how-to-prevent-calendar-invites-from-external-sour

While these rules cannot block calendar invites entirely, they can be configured to detect meeting requests from external senders and take actions such as quarantining, redirecting, or deleting the message. However, this method may impact legitimate calendar traffic, so it’s recommended to implement allow lists for trusted domains or senders.

Answer 3

SPAM Calendar Events - Update 2025-12-05 - Still an ongoing issue. No update from Microsoft on a general solution.

If your organization has a Microsoft Defender for Office 365 subscription, there are steps you can take to mitigate the impact:

https://techcommunity.microsoft.com/blog/microsoftdefenderforoffice365blog/strengthening-calendar-security-through-enhanced-remediation/4456876

If you are in an IT Managed environment there are Mail Flow Rules that your IT Admin can implement that will block all external Calendar invites (and allow for specific exceptions):

https://dori-uw-1.kuma-moon.com/en-us/answers/questions/5558001/how-to-prevent-calendar-invites-from-external-sour

Share via

Prevent pfishing calendar items

3 answers

Your answer