HomeSecurity OperationsEmail hackers exploit hidden text salt techniques

Email hackers exploit hidden text salt techniques

Published on

spot_img

Cybercriminals have been utilizing a new technique known as “hidden text salting” to outsmart spam filters and avoid detection, leading to a noticeable increase in its usage during the latter part of 2024. This approach involves embedding non-visible elements within the source code of emails using HTML and CSS.

The purpose of these hidden elements is to confuse email parsers, spam filters, and detection engines that typically rely on keywords to identify malicious content. Attackers have devised various methods to implement hidden text salting, such as CSS manipulation to conceal harmful material, inserting invisible characters between letters of brand names or keywords, incorporating irrelevant comments within HTML attachments, and using Unicode Soft Hyphens to separate letters invisibly.

The effectiveness of these techniques has been demonstrated in brand impersonation and avoiding keyword-based filters, with phishing campaigns targeting prominent brands like Wells Fargo and Norton LifeLock successfully bypassing spam filters through hidden text salting.

Additionally, cybercriminals have also employed hidden text to throw off language detection systems. For example, emails aimed at English-speaking individuals were mistakenly classified as French by Microsoft’s Exchange Online Protection service due to embedded French text.

Hidden text salting plays a crucial role in tactics like HTML smuggling, where attackers insert irrelevant comments within base64-encoded characters in email attachments to hinder the accurate decoding of content by parsers. The increased use of hidden text salting has rendered traditional security measures insufficient, prompting experts to suggest employing advanced filtering techniques to combat this escalating threat.

These advanced filtering techniques include the development of more sophisticated filters capable of identifying suspicious CSS properties and unusual HTML structures, incorporating visual features of emails during the detection process, utilizing AI and machine learning algorithms to detect patterns and anomalies indicative of hidden text salting, and continuously updating security systems to recognize new variations of these techniques.

As cybercriminals constantly refine their evasion methods, organizations must adapt to the evolving threat landscape by implementing AI-powered solutions to provide comprehensive protection against hidden threats. The role of advanced email security technology becomes increasingly pivotal in safeguarding users from complex phishing threats associated with hidden text salting.

In light of the persistent threat posed by hidden text salting, organizations of all sizes must evolve their email security architecture to stay ahead and ensure effective protection against sophisticated cyber threats. By recognizing and addressing text and image-related risks, organizations can mitigate the risks associated with hidden text salting and other advanced cyberattack techniques.

Source link

Latest articles

CVE-2025-0994 Trimble Cityworks Now Listed in CISA Catalog

The addition of a critical vulnerability to the Known Exploited Vulnerabilities (KEV) Catalog by...

XE Group transitions from credit card skimming to exploiting zero-day vulnerabilities

In a recent shift of tactics, the notorious cybercrime group XE Group has transitioned...

Hackers infiltrate Microsoft IIS services through Cityworks RCE vulnerability

Hackers have successfully exploited a critical vulnerability in Cityworks deployments, a software used for...

Information about Home Office Apple iCloud access and FBI message scam alert

The UK Home Office, a government body overseeing key functions such as immigration, national...

More like this

CVE-2025-0994 Trimble Cityworks Now Listed in CISA Catalog

The addition of a critical vulnerability to the Known Exploited Vulnerabilities (KEV) Catalog by...

XE Group transitions from credit card skimming to exploiting zero-day vulnerabilities

In a recent shift of tactics, the notorious cybercrime group XE Group has transitioned...

Hackers infiltrate Microsoft IIS services through Cityworks RCE vulnerability

Hackers have successfully exploited a critical vulnerability in Cityworks deployments, a software used for...