The Latest Hack: Hidden Text Salting Leaves a Bad Aftertaste

All it takes is for you to open one email. Just that – something you’d think is harmless – can give hackers a ton of personal information about you and your habits. This makes it easier for them to hit you with even more phishing emails. What’s worse? Hackers have figured out how to sneak past your spam filters using a technique called hidden text salting.

But what exactly is hidden text salting, and how does it work? More importantly, how can you stop phishing emails before they reach your inbox? Let’s break it down.

The Hack: How Hackers Salt Your Inbox and Track Your Information

According to Cisco Talos, cybercriminals are abusing Cascading Style Sheets (CSS). CSS is usually used to style emails – things like fonts, colors, and layouts. But hackers have figured out how to use these same tools against us through hidden text salting.

“Hidden text salting” means hiding extra, useless text inside an email to trick spam filters. It’s a broad term that covers tactics like moving text off-screen so you never see it, setting the font size to 0, lowering the opacity, or adding junk characters to confuse security filters while keeping the message readable for humans.

This technique is more accurately known as text obfuscation and is often part of CSS-based phishing schemes.

These techniques can fool spam filters into thinking the email is safe – while the real phishing content hides in plain sight.

But the Threat Doesn’t Stop There

Hackers often embed tracking pixels in phishing emails to monitor when and where the email is opened. This is a common marketing tactic used to refine targeted ads, but cybercriminals use it to improve the accuracy of phishing attempts.

Each time you open a phishing email – even if you don’t click on anything – you’re giving hackers valuable information, like your engagement and IP address. By combining this data with other information gathered from social media activity, public profiles, or data breaches, hackers can craft highly convincing phishing emails.

For example, if you frequently shop for board games on certain marketplaces, hackers can use information obtained through breached data along with your engagement and computer location to tailor phishing emails that mimic those platforms, making their scams harder to detect.

Before you know it, something you trust could become the gateway to a cyberattack.

Why Does This Work?

Most spam filters rely on pattern matching – basically, looking for certain words or links that are common in phishing emails. But when hackers use hidden text salting and obfuscation techniques, they disguise those patterns so the filters don’t catch them.

It’s like sneaking a note past a teacher by hiding it inside a giant stack of blank papers – it’s still there, just harder to find.

This is why CSS-based phishing methods work so effectively and why spam filters fail to catch phishing emails that use these advanced tactics.

How Do You Stay Safe?

It’s not easy staying safe from hidden text salting that is designed to side-step security software, but here are a few ways to mitigate the threat:

Smarter Spam Filters: Standard spam filters might miss the hacker’s tricks. Use advanced email filtering that looks for weird formatting, hidden text, and sketchy links. Some AI-powered security tools can even analyze images and layouts to spot scams.

Email Privacy Tools: Some services can rewrite emails to strip out tracking codes and block hidden tricks. This can help identify malicious content within an email.

Watch for Weird Formatting: If an email looks off, with strange spacing, weird fonts, or gibberish text, that’s a huge red flag. If it seems fishy, it’s probably a scam.
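
The hidden-text check that a smarter filter performs can be sketched as follows. This is an added example, not code from The 20 MSP or Cisco Talos: it separates the text a reader sees from text concealed with the CSS tricks described above, so keyword matching can run on the visible text alone. The class and function names, the style patterns, and the sample email are assumptions made for illustration, and only inline style attributes are inspected.

```python
import re
from html.parser import HTMLParser

# Inline-style patterns for the concealment tricks named in the article (assumed set).
HIDDEN_STYLE = re.compile(
    r"font-size\s*:\s*0(?![\d.])"          # zero font size
    r"|opacity\s*:\s*0(?:\.0+)?(?![\d.])"  # fully transparent
    r"|display\s*:\s*none"
    r"|visibility\s*:\s*hidden"
    r"|(?:left|top|text-indent)\s*:\s*-\d{3,}",  # pushed far off-screen
    re.I,
)
VOID_TAGS = {"br", "img", "hr", "input", "meta", "link", "wbr"}

class VisibleText(HTMLParser):
    """Split an HTML body into text a reader sees and text hidden by CSS."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.stack = []  # one bool per open element: is it inside hidden content?
        self.visible, self.hidden = [], []

    def handle_starttag(self, tag, attrs):
        if tag in VOID_TAGS:
            return  # void elements have no end tag and hold no text
        style = dict(attrs).get("style") or ""
        inherited = bool(self.stack and self.stack[-1])  # children of hidden stay hidden
        self.stack.append(inherited or bool(HIDDEN_STYLE.search(style)))

    def handle_endtag(self, tag):
        if tag not in VOID_TAGS and self.stack:
            self.stack.pop()

    def handle_data(self, data):
        (self.hidden if self.stack and self.stack[-1] else self.visible).append(data)

def analyze(html):  # returns (visible_text, hidden_text)
    p = VisibleText()
    p.feed(html)
    p.close()
    return "".join(p.visible), "".join(p.hidden)

# Constructed sample: hidden spans split the keywords a pattern-matching filter looks for.
SAMPLE = ('<p>Verify your pass<span style="font-size:0">xq7</span>word to restore '
          'acc<span style="opacity: 0">zz</span>ess.</p>'
          '<div style="position:absolute; left:-9999px">unrelated filler text</div>')

if __name__ == "__main__":
    visible, hidden = analyze(SAMPLE)
    print(repr(visible), repr(hidden))
```

A non-empty hidden string is itself a signal worth scoring, and running keyword rules on the visible string restores the patterns that the salt broke up in the raw HTML.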

Moral of the story

Hackers are always finding new ways to bypass spam filters and trick users – and this time, they’re using hidden text salting and CSS-based tracking to do it. By slipping past spam filters, hackers can gather information like email engagement and IP addresses, then combine this data with other sources to craft highly targeted phishing emails.

The best defense? Smarter email security, better filtering tools, and a careful eye when checking emails.

Remember: If it looks suspicious, don’t click it.

About The 20 MSP

As a leading provider of managed IT services, The 20 MSP serves thousands of businesses nationwide, including single and multi-location organizations, delivering white-glove service, secure and streamlined IT infrastructure, and 24/7/365 support. We believe in building lasting relationships with clients founded on trust, communication, and the delivery of high-value services for a fair and predictable price. Our clients’ success is our success, and we are committed to helping each and every organization we serve leverage technology to secure a competitive advantage and achieve new growth. To learn more, visit the20msp.com.