Security experts demonstrate hacking the Outlook spam filters to deliver malicious ISO files

Don't click on any suspicious emails and links


Right after we learned about a massive botnet attack targeting Microsoft 365 users, there is more bad news. A new technique has been uncovered that allows cybercriminals to slip past Microsoft Outlook’s spam filters, delivering dangerous ISO files straight to people’s inboxes. If your organization uses the native Outlook spam filters, you might be at risk of falling victim to sophisticated phishing attacks.

The trick involves hiding malicious links behind what appear to be harmless URLs. By using a hyperlink obfuscation method, attackers can send disk image files containing malware directly into victims’ email inboxes without triggering any alarms.

According to a report from Afine, security experts are warning that this approach weakens email security, especially for companies that rely heavily on Outlook’s built-in spam filtering. It’s like sneaking through the front door instead of trying to break in through the windows.

Source: Afine

This discovery comes on the heels of reports showing how attackers have also used ISO files to bypass Microsoft Defender SmartScreen, a tool designed to stop untrusted programs from running. In previous campaigns, bad actors relied on social engineering tactics—tricking users into manually extracting and running malware from downloaded ISO files.

But now, the game has changed. The new method focuses on evading email-level defenses entirely, meaning these harmful files can land in users’ primary inboxes without being detected.

ISO files remain a favorite tool for attackers because they often fly under the radar of traditional security systems. Unlike executable (.exe) files, which are more likely to raise red flags, disk images aren’t automatically seen as suspicious. This makes it easier for hackers to hide scripts, ransomware, or spyware inside them, turning what looks like an innocent file into a potential threat.

However, we remind you that, as with any other phishing attack, this one also needs your input. You actually have to click on the modified link to get the malicious ISO and infect your system. Therefore, as always, we recommend staying alert to suspicious emails, even if the spam filters fail to flag them. We learned about this from GBhackers.
