Advertisement
Security

AI Spam Filters Falter Against Salting

Modern LLM-powered email security is struggling to identify phishing attempts that use decades-old text-hiding techniques.

··1 hour ago·2 min read
Abstract glitch art with distorted text and shapes
Photo by Egor Komarov on Unsplash
Advertisement

Legacy Tactics Bypass Modern Defenses

The promise of artificial intelligence in email security was supposed to usher in a new era of proactive threat detection, but attackers are finding success by looking into the past. By repurposing the vintage technique of text salting, malicious actors are effectively tricking sophisticated machine-learning systems into misclassifying phishing attempts as legitimate correspondence. Despite the computational power backing these security gateways, the inclusion of benign-sounding, hidden text is creating enough noise to blind even the most advanced models.

The Mechanics of Hidden Deception

Attackers utilize several methods to inject these irrelevant terms into messages. Some employ CSS cropping to shrink the display window, while others shift the salted content off-screen entirely. A third common approach involves zero-font techniques, where misleading words are woven into the text. While these additions are invisible to human recipients, they successfully alter the semantic context for automated analysis engines, resulting in a false sense of security.

Artificial Intelligence Struggles With Complexity

The core issue lies in how Large Language Models handle input data compared to traditional security tools. Because these models are often trained to interpret raw data as a whole, they frequently lack the granular awareness needed to distinguish between visible content and hidden payload additions. Barracuda reports that while legacy secure email gateways have largely learned to strip away hidden layers, their AI-driven counterparts often fail to perform this necessary sanitation.

Text salting and related techniques can be used to confuse AI-driven content analysis engines by flooding the email with random terms that encourage the AI system into making an incorrect classification decision.

— Barracuda, a cybersecurity firm.

Quantifying the Salting Threat

  • More than 1,000,000 retail-themed phishing attacks using text salting have been detected since April.
  • Attackers rely on three primary flavor variations to mask their malicious activity from human observers.
  • Modern AI systems are specifically struggling to match the capabilities of earlier 2000s-era secure email gateways regarding text sanitization.

Defensive Strategies for the Enterprise

Reliance on a single layer of keyword-based detection is becoming increasingly hazardous for organizations. Security teams should prioritize a layered defense that integrates sender reputation analysis and robust authentication checks. Furthermore, organizations must verify whether their current email security stack can actively differentiate between what a user sees and what is rendered in the underlying HTML, as this visibility gap is where these modern phishing campaigns are currently thriving.

#ai#phishing#email security#text salting#cybersecurity

Xploitwire Editorial Team

Xploitwire Newsroom

This article was researched and drafted with AI assistance and reviewed by our editorial team before publication. About Xploitwire →

← Back to all stories
Advertisement