VYPR
researchPublished Jul 16, 2026· 1 source

Attackers Use 'Text Salting' to Evade AI-Powered Email Security Filters

Over one million phishing emails have been discovered using 'text salting' to bypass AI-driven security, embedding hidden text to confuse detection systems.

Cybercriminals are increasingly employing a sophisticated, yet fundamentally simple, technique known as 'text salting' to bypass modern AI-powered email security filters, a trend that has seen over one million retail-themed phishing emails leverage this method since April. Researchers at Barracuda Networks observed these emails, which promise rewards and gift cards, using hidden, irrelevant text to overwhelm or confuse AI models designed to detect malicious content. This tactic exploits an asymmetric advantage where attackers can rapidly generate and deploy these emails, while the AI defenses struggle to keep pace.

While the emails often appear low-effort and poorly formatted to human eyes, their ability to reach inboxes stems from how they manipulate the underlying machine-readable data. Secure Email Gateways (SEGs), the primary defense against malicious emails, typically check sender authenticity and authentication protocols, where these campaigns are often compliant using standard methods like DKIM and compromised legitimate domains. The real challenge lies in content analysis, where SEGs look for spammy language, suspicious patterns, and formatting issues.

Attackers are circumventing these content filters by injecting large amounts of inoffensive or unrelated text into the email's HTML code. This 'salting' can involve embedding keywords like 'urgent' or 'rewards' alongside innocuous words such as 'puppy' or 'book,' or simply adding long passages of irrelevant filler text. The goal is to dilute the malicious content, making it harder for AI algorithms to flag the email as spam or phishing.

To ensure this hidden text remains invisible to the end-user, attackers employ various obfuscation techniques. These include shrinking the font size to zero, containing the text within zero-height or zero-width viewing windows, or overflowing the text off-screen while hiding any scrollbars. These methods aim to present a clean email to the recipient while the underlying code is packed with deceptive elements that confuse automated analysis tools.

Modern security tools are aware of text salting and attempt to un-hide invisible text. However, attackers are countering this by layering multiple salting techniques, ensuring that if one method of hiding text is detected and neutralized, another may still succeed. This cat-and-mouse game highlights the adaptive nature of threat actors and the challenges faced by static detection methods.

Furthermore, the rise of Large Language Models (LLMs) is significantly accelerating the creation and refinement of these text-salted phishing emails. LLMs allow attackers to generate vast amounts of varied, contextually relevant filler text and modify HTML code at speeds previously unattainable. This AI-assisted generation makes the salting technique more efficient and effective than ever before, posing a growing challenge for AI-based security engines.

Defending against such sophisticated evasion tactics requires security tools to move beyond simple keyword scanning and indicator analysis. Experts emphasize the need for security solutions to evaluate the full context of a message, considering the interplay between visible content, hidden or excessive text, sender behavior, and the intended user action. A holistic approach is crucial to combatting these evolving threats.

The continued and growing effectiveness of text salting, a technique often associated with older spam filters, underscores the need for continuous innovation in email security. As AI becomes more prevalent in both attack and defense, understanding and adapting to these novel evasion methods is paramount for protecting users and organizations from falling victim to sophisticated phishing campaigns.

Synthesized by Vypr AI