Slow Mist: A hacker group uses Calendly’s function to insert malicious links to launch phishing attacks

Recently, the SlowMist security team discovered that a hacker organization was using the function of Calendly to insert malicious links on event pages through "Add Custom Link" to launch phishing attacks. Calendly is a very popular free calendar application used to schedule meetings and events, usually used by organizations to schedule events or send invitations to upcoming events. Hacker organizations send malicious links through Calendly, which are well integrated with the daily work background of most victims, so these malicious links are not easily suspected, and victims are easily clicked on the malicious links, unknowingly downloading and executing malicious code, resulting in losses. The SlowMist security team reminds everyone to be aware of the source and domain name of the links when using Calendly, and to avoid being attacked. You can move the mouse over the text before clicking on the link, and the link address corresponding to the text will be displayed in the lower left corner of the browser. Please carefully check the link address before clicking to avoid accessing phishing links.