Date: 2025-01-28
Email security, Threat Intelligence, Phishing

Hidden text salting in scam emails ramps up


More threat actors have leveraged hidden text salting, or poisoning, to better conceal malicious code in HTML-format scam emails since the second half of last year, Cybernews reports.

Hidden text salting has been used not only to evade spam filters' keyword detection, as shown in separate phishing attacks impersonating Wells Fargo and Norton LifeLock, but also to dupe Microsoft's language detection module and circumvent security filters, according to findings from Cisco Talos, which emphasized the importance of sophisticated artificial intelligence- and visual feature-based filtering techniques. "Protecting against these sophisticated and devious threats requires a comprehensive email security solution that harnesses AI-powered detections," said Cisco Talos researchers.

The development comes after Microsoft disclosed a now-addressed critical Outlook zero-click flaw, which could be exploited to facilitate malware delivery through specially crafted emails. Users have been urged to read emails in plain text to mitigate potential compromise.
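For filter authors, the keyword-evasion effect of hidden text salting described above can be checked by comparing what a reader sees with what the raw HTML contains. The sketch below is an added example, not code from Cisco Talos or the article; the names `SaltScanner`, `scan` and `SAMPLE` are hypothetical, and the inline CSS properties and zero-width characters it looks for are assumptions about how text is hidden, since the article does not name them.

```python
import re
from html.parser import HTMLParser

# Inline-style patterns that make an element invisible to the reader.
# Assumption: illustrative heuristics, not an exhaustive list.
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|opacity\s*:\s*0(?![.\d])"
    r"|(?<![\w-])(?:font-size|(?:max-)?(?:width|height))\s*:\s*0(?![.\d])", re.I)
ZERO_WIDTH = re.compile("[\u200b\u200c\u200d\u2060\ufeff]")
VOID = {"br", "img", "hr", "meta", "input", "link", "wbr"}

class SaltScanner(HTMLParser):
    """Splits an HTML body into text the reader sees and text hidden by CSS."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.stack, self.visible, self.hidden = [], [], []

    def handle_starttag(self, tag, attrs):
        if tag in VOID:  # void elements never get an end tag
            return
        style = dict(attrs).get("style") or ""
        self.stack.append((tag, bool(HIDDEN_STYLE.search(style))))

    def handle_endtag(self, tag):
        # Pop back to the matching open tag; tolerate sloppy markup.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

    def handle_data(self, data):
        hidden = any(h for _, h in self.stack)  # hidden if any ancestor is
        (self.hidden if hidden else self.visible).append(data)

def scan(html_body):
    p = SaltScanner()
    p.feed(html_body)
    p.close()
    raw_visible = "".join(p.visible)
    return {
        "visible": ZERO_WIDTH.sub("", raw_visible),  # text to run keyword rules on
        "hidden_chars": sum(len(s) for s in p.hidden),
        "zero_width": len(ZERO_WIDTH.findall(raw_visible)),
    }

# Constructed sample: brand name broken up by hidden spans and zero-width chars.
SAMPLE = ('<p>W<span style="display:none">qx</span>ells '
          'F\u200ca\u200crgo: verify your '
          '<span style="font-size:0px">zk</span>account</p>')
```

Running keyword rules on `scan(...)["visible"]` rather than on the raw source restores the match, and non-zero `hidden_chars` or `zero_width` counts are themselves a signal worth scoring.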

Related

Secondary payloads delivered via MintsLoader attacks

Oil and gas, electricity, and legal services organizations in the U.S. and Europe have been targeted with spam emails containing links that download MintsLoader either through a JavaScript file or Windows Run prompt as part of a campaign underway since earlier this month, a report from eSentire showed.

Trojanized images leveraged in separate malware campaigns

Both campaigns involved the distribution of malicious emails purporting to be invoices, purchase orders, or quotation requests with attachments, which, when opened, trigger a PowerShell script that fetches the trojanized image and executes a .NET-based loader to launch the payloads.
