TTP: Bypassing Symantec Email Security.cloud (MessageLabs)
During a recent Attack Simulation against a high-profile client, Beyond Binary faced off against Symantec Email Security.cloud (formerly MessageLabs) whilst conducting a variety of phishing campaigns. This was not the first time we had come up against cloud-based email security services; however, our usual approaches to bypassing them didn't bear any fruit. Symantec was doing a relatively good job of stopping our phishes from making it to the end-user. As a result, we had to put some time into coming up with a way of getting around the filter.