A brand new report has revealed a surge in the usage of so-called “hidden textual content salting” strategies to evade e-mail safety measures within the latter half of 2024.
This methodology, also referred to as “poisoning,” permits cybercriminals to bypass spam filters, confuse e-mail parsers and evade detection engines by embedding invisible components within the HTML supply code of emails.
The newest report from Cisco Talos, Hidden Textual content Salting in Electronic mail Threats: Tendencies and Mitigation Methods, highlights the rising prevalence of this easy but efficient tactic.
In keeping with the report, attackers are using a variety of strategies, together with:
- Modifying HTML and CSS properties like “width: 0” and “show: hidden”
- Inserting zero-width house (ZWSP) and zero-width non-joiner (ZWNJ) characters
- Obfuscating e-mail content material by embedding irrelevant language
One instance concerned phishing emails mimicking manufacturers resembling Wells Fargo and Norton LifeLock. By hiding characters utilizing CSS properties or inserting ZWSP characters, these emails evade model identify extraction by safety programs.
One other notable case confirmed attackers disguising English emails as French by embedding hidden French phrases, which misled Microsoft’s Trade On-line Safety (EOP) spam filter.
Hidden Textual content Salting in Motion
The research additionally highlights the usage of hidden textual content salting in HTML smuggling. In these circumstances, attackers hid malware in e-mail attachments by embedding irrelevant feedback inside base64-encoded strings. This method disrupted detection engines that sometimes scan attachments for threats.
Learn extra on assaults exploiting hidden textual content: Researchers Uncover New “Dialog Overflow” Techniques
Given the challenges posed by this tactic, consultants advocate adopting superior filtering strategies that analyze the construction of HTML emails. For instance, filters can flag extreme use of inline kinds or suspicious CSS properties like “visibility: hidden.”
Moreover, leveraging AI-powered programs to investigate each textual content and visible components of emails can enhance detection charges.
The report additionally emphasizes the significance of complete e-mail safety options to counteract this rising menace. As attackers proceed to refine their strategies, organizations should keep vigilant and proactive in defending in opposition to email-based cyber-attacks.
