Bypassing Spam Filtering in Outlook

How disguised link can be used to deliver malicious ISO files.

INTRO

In my previous article, I demonstrated how attackers could bypass Microsoft Defender SmartScreen using ISO files, allowing malicious executables to run without triggering security warnings.

That technique focused on post-download execution, where an attacker instructs the victim to extract and run malware. Still, attackers need a reliable method to deliver these malicious files without being flagged by email security systems.

This short blog post examines a newly discovered Outlook spam filter bypass that enables attackers to distribute malicious ISO files through emails without being quarantined by spam filters.

Most of my posts will be available this year on the Afine blog. This is just a proxy for my Medium followers, so they do not miss it. The full article is available here: https://afine.com/bypassing-spam-filtering-mechanism-in-outlook/