Illusion of Safety: How Spray-and-Pray Attacks Are Slipping Past Legacy Email Defence

Telemetry That Demanded Our Attention

At InceptionCyber AI Labs, our threat telemetry recently captured hundreds of spray-and-pray email attacks targeting enterprise customers within a single week. Each campaign was successfully detected and blocked by our NACE engine—but the forensic analysis revealed a disturbing pattern: these emails carried malicious payloads yet arrived with security headers explicitly certifying them as “clean” by legacy gateways.

We analysed unique samples from attacks that safeguarded our customers from credential theft, malware delivery, and financial fraud. What emerged was a systematic evasion playbook exploiting fundamental gaps in traditional email security architectures.

Anatomy of Modern Spray-and-Pray Campaigns

Spray-and-pray has evolved beyond crude spam blasts. Today's variants leverage three deliberate evasion techniques:

1. Infrastructure Masquerading: Attackers route campaigns through compromised legitimate accounts on trusted platforms (Office 365, Google Workspace), inheriting pristine sender reputation and bypassing IP/domain blacklists.
2. Authentication Exploitation: Campaigns carefully manipulate email authentication protocols:
   • SPF passes by sending from authorized infrastructure
   • DKIM signatures fail (or are absent), but DMARC policies with “p=none” permit delivery despite authentication failures—exploiting the gap between policy enforcement and alignment checks.
3. Payload Obfuscation: Malicious content arrives via multi-stage delivery:
   • Initial email contains minimal text to evade NLP-based spam classifiers
   • Payload delivered through PDF, SVG, or HTML attachments containing downloader/redirector URLs
   • Some emails even had callback phishing lures or fake invoice pdfs

Across our dataset, 87% of campaigns used PDF attachments with embedded JavaScript redirectors; 4% employed SVG files with obfuscated URL parameters; and 9% delivered HTML invoices with credential-harvesting forms—all designed to bypass static analysis.

The Prevalence Paradox: Why Legacy Gateways Fail

Legacy email security operates on a fatal flaw: prevalence-based detection. This model requires observing the same threat artifact across multiple customers before triggering protective actions. Spray-and-pray attacks deliberately exploit this limitation through distributed low-volume distribution:

Image: Case Study-1 for Spray and Pray with malicious downloader

This distributed distribution model ensures that:

• Volume-based filters never trigger (BCL remains 0)
• Reputation systems see only legitimate infrastructure (SPF passes)
• Signature engines lack prevalence to classify as malicious
• Sandbox detonation is bypassed (initial email contains no executable content)

The result? Emails arrive with headers explicitly vouching for their safety:

Translation: Bulk Complaint Level 0 (not bulk mail), Spam Confidence Level 1 (trusted sender), and Content Meta-Analysis Engine Score 0 (non-malicious). Yet these same emails delivered malicious PDFs containing Cobalt Strike beacons or credential-harvesting pages.

Case Study: The Authentication Mismatch

Image: Case Study-2 for Spray and Pray with callback phishing attachment

One campaign distributed a callback phishing invoice PDF to 30 recipients across diverse organizations. Forensic analysis revealed:

• Sender infrastructure: Compromised Office 365 account
• Authentication status: SPF pass | DKIM fail | DMARC p=none
• Gateway verdict:

• Delivery outcome: Inbox delivery with only "[EXTERNAL]" warning

Despite explicit authentication failures, the email received Microsoft's highest trust rating (SCL:-1). Why? Legacy systems weighted the SPF pass more heavily than DKIM failure—a deliberate evasion tactic attackers now weaponize.

Security headers like SCL:1 or BCL:0 measure protocol compliance, not malicious intent. Spray-and-pray attacks succeed precisely because they avoid spam-like characteristics:

• No URL shorteners
• No password-protected attachments
• Minimal text content (avoiding NLP feature extraction)
• Legitimate sender infrastructure
• Geographically dispersed recipients (avoiding volume thresholds)

These emails aren't trying to look legitimate—they are technically legitimate according to RFC standards. Their malicious intent exists only in the payload's behaviour and the attacker's end goal: initial access or credential harvesting.

Beyond Headers: The Path to Intent-Based Detection

At InceptionCyber AI, we established Intent-Based Detection™ as the only durable foundation for modern email defence. Our Neural Analysis and Correlation Engine (NACE™) operates on a first-principles shift: it evaluates why an email exists rather than what exploit it carries. This architectural inversion addresses the core evasion pattern in spray-and-pray campaigns:

• Header anomalies: Detection of statistically improbable recipient clusters—dozens of unrelated corporate domains receiving identical "business correspondence" with no organizational relationship
• Semantic starvation: Near-zero textual content in message bodies, deliberately minimizing features for NLP-based spam classifiers while shifting malicious semantics into attachments
• Attachment-driven intent: PDFs, SVGs, and HTML files containing the actual call-to-action—MSI download prompts, brand-impersonating callback forms, or fake invoice portals—that constitute the attack's objective
• Authentication mismatches: Weighted analysis of SPF pass combined with DKIM failure under DMARC p=none policies—recognizing this pattern as intentional evasion rather than benign misconfiguration

Image: InceptionCyber’s Detection logs Dashboard

NACE™ conducts multi-layered contextual reasoning across four invariant dimensions:

1. Semantic extraction from subject lines, minimal body text, and attachment content
2. Thematic clustering to isolate the email's purpose from superficial similarity to legitimate correspondence
3. SMTP-header forensics analysing recipient distribution entropy and thread-index anomalies
4. Call-to-action profiling identifying high-risk actions (executable downloads, credential collection) embedded within attachments

Critically, this approach eliminates dependency on Landing-page analysis for phishing verdicts or exploitation-stage features for malware classification.

Where legacy systems ask “Does this email contain a known malicious artifact?”, we look into “Why does this email exist—and does its purpose align with legitimate business communication?” The former chases exploits; the latter determines intent. As spray-and-pray campaigns arrive with headers certifying them as “clean”; intent-based analysis provides durable protection.

Conclusion: Safety Is a Function of Intent Detection

Spray-and-pray attacks succeed not from vendor incompetence but from architectural obsolescence. Legacy systems measure protocol compliance—SPF pass/fail, SCL scores, attachment types—designed for an era where volume signalled risk and infrastructure signalled trust.

Modern email security requires a fundamental replacement: shifting from:

“Does this email contain a known artifact?”   to   “Why does this email exist?”

Attackers rotate URLs, domains, and payloads indefinitely. They cannot rotate intent. Until security stacks abandon prevalence-based detection for cross-organizational intent correlation, spray-and-pray campaigns will continue arriving with headers explicitly certifying them as “safe”.

The most dangerous emails aren't marked phishing or spam—they're the ones your gateway vouches for.

Stay vigilant, stay secure.