Here’s a new phish I just found. The malicious actor attaches a .ics file, which is a calendar attachment, like is added to every meeting invitation sent. It appears some spam filter vendors do not inspect links included in .ics file attachments. On top of that, the link uses a hexadecimal version of an IP address so the victim does not know where he will end up when clicking the link.
