Cybersecurity company Barracuda said attackers are using a technique called "text salting" to confuse AI-based email filters, The Register reported on Thursday.
Barracuda said it has detected more than 1 million phishing attacks since April that use text salting while impersonating shopping and delivery services.
Text salting is a method of inserting seemingly harmless words throughout a malicious email to trick email scanning systems into judging that there is no particular problem and to get the message delivered to recipients. Barracuda said it has been used for several years to fool traditional secure email gateways and can also confuse machine-learning and LLM-based security tools.
Barracuda said that randomly inserting words makes the message look suspicious to human readers, so attackers typically use one or more of three methods to hide the words from people while keeping them visible to automated scanners.
CSS cropping makes the display area small so people cannot see the hidden filler text. Text manipulation moves the content off screen. The zero-font technique inserts words that machines can see but people cannot between suspicious phishing phrases.
Barracuda said most modern email security systems have adapted to these techniques, but AI has not yet caught up.
In a report, Barracuda said, "Text salting and related techniques can cause confusion by filling an email with random words to induce an AI-based content analysis engine to make an incorrect classification decision."
Barracuda said LLMs are generally designed to process the email body and source code as they are, without distinguishing whether text is visible to users or hidden. It said they can be trained to make the distinction, but most tools do not do so.
Barracuda recommended that companies not rely only on keyword detection and take a multi-layered approach to email security by also checking sender reputation and authentication results, embedded URLs, HTML rendering techniques, and differences between visible content and hidden content.