RESEARCHERS at Barracuda Networks have identified that over 1 million phishing emails have used a technique called text salting to bypass both static and AI-driven email security filters. These emails employ hidden text to make social engineering attempts look legitimate, leveraging the effectiveness of large language models (LLMs) in crafting deceptive content.
Traditional email security gateways (SEGs) struggle to detect these threats since they primarily focus on visible content and straightforward security signals. Attackers inject benign words into suspicious phrases and use HTML manipulation to hide their tactics. The ongoing effectiveness of text salting highlights the need for more advanced email security that evaluates context rather than relying solely on identifying specific keywords or format anomalies.