AI Email Security Tools Unable to Distinguish Hidden Text
Cybersecurity firm Baracuda Networks reported that attackers are confusing AI-based email filters using a technique called 'text salting,' according to The Register. Baracuda detected over 1 million phishing attacks using this method since April. Text salting involves inserting invisible words into malicious emails to bypass scanners, tricking systems into thinking there's no issue. This technique has been used to bypass traditional email gateways and can also disrupt machine learning and LLM-based security tools. Baracuda noted attackers use three methods: CSS cropping to hide text from users, text manipulation to move content outside the viewable area, and zero-font techniques to insert invisible words. While newer email security systems have adapted to these methods, AI remains vulnerable. Baracuda warned that text salting and similar techniques can mislead AI content analysis engines into incorrect classifications. The company emphasized that LLMs are designed to process email content and source code without distinguishing between visible and hidden text, though training them to do so is rarely implemented. Baracuda recommended a multi-layered email security approach for businesses, combining keyword detection with sender reputation, authentication results, embedded URLs, HTML rendering techniques, and comparisons between visible and hidden content.