Security experts are raising concerns about a new technique known as “hidden text salting” being used by hackers to bypass email security scans. By concealing parts of the text in emails, cybercriminals are able to confuse scanners and ensure that phishing emails make it into recipients’ inboxes undetected.

This sophisticated method involves manipulating HTML and CSS properties within email messages, such as setting the width of elements to 0 and using features like “display: hidden” to obscure content. Attackers are also incorporating zero-width space characters to conceal the true nature of the email and evade detection by security solutions and spam filters, ultimately enabling malicious emails to bypass these defenses and reach users directly.

To combat this evolving tactic, cybersecurity researchers recommend implementing advanced filtering techniques that analyze the structure of HTML emails in addition to their contents. By detecting anomalies like excessive use of inline styles or properties like “visibility: hidden,” IT teams can enhance their defenses against such deceptive tactics. Furthermore, incorporating AI-powered solutions can strengthen email security measures against these emerging threats.

With email remaining a prominent attack vector due to its widespread use and ease of exploitation, it is crucial for organizations to fortify their defenses against evolving threats like hidden text salting. By understanding and addressing these vulnerabilities, businesses can better protect themselves and their employees from falling victim to sophisticated phishing attempts.