Attackers are repurposing an old spam evasion technique to bypass a new generation of AI-powered email security tools.
Barracuda researchers say they have identified more than one million retail-themed phishing emails since April that use text salting — a method that hides large amounts of benign content inside messages to manipulate how automated security systems classify them.
“Attackers are hiding harmless-looking text inside phishing emails to make the messages appear safer to security tools,” said Pranati Sethy, Senior Threat Analyst at Barracuda, in an email to eSecurityPlanet.
She explained, “This is a reminder that email defenses need to identify what is hidden and focus on the message the recipient sees.”
Pranati added, “Considering the full context of an email is increasingly important as attackers find new ways to evade content-based detection.”
Key takeaways of Barracuda’s salt text phishing research
- Barracuda identified more than one million phishing emails using text salting to manipulate AI-powered and traditional email security systems.
- Text salting hides large amounts of benign text within phishing emails, making malicious messages appear less suspicious to automated detection engines.
- Attackers combine trusted infrastructure, authenticated domains, hidden HTML content, CSS concealment techniques, and Zero Font to improve phishing email delivery.
- The visible phishing message remains unchanged for recipients while hidden content alters how some security tools interpret the email.
- Organizations should deploy layered email security that analyzes rendered content and detects hidden-content evasion rather than relying solely on keyword or AI-based detection.
How text salting attacks work
Unlike traditional phishing campaigns that target keyword-based spam filters, these attacks are designed to manipulate how AI-powered email security systems interpret content.
Instead of simply hiding malicious words, attackers inject benign text to influence machine learning and large language model (LLM)-based detection engines into classifying phishing emails as legitimate.
According to Barracuda’s research, the campaigns begin with attacker-controlled infrastructure hosted on compromised legitimate websites or lookalike domains that are configured with DKIM.
By using infrastructure that passes authentication checks, attackers improve the chances that their emails will evade initial security screening.
How the phishing email is constructed
The phishing emails themselves contain two distinct layers of content.
Recipients see an urgent retail-themed message claiming that rewards points, loyalty benefits, or gift cards are about to expire and encouraging immediate action.
Hidden behind that visible message, however, are large blocks of unrelated text containing stories, project notes, conversations, or random words such as puppy, training, book, and rhythm.
These benign words dilute the concentration of suspicious terms like reward, expires, and gift card, making the overall email appear less malicious to some automated detection engines while remaining unchanged from the recipient’s perspective.
How the hidden content stays hidden in the emails
To keep hidden content invisible, attackers combine multiple HTML and Cascading Style Sheets (CSS) concealment techniques instead of relying on a single method.
Researchers observed CSS techniques that crop the viewing area, reduce line height, move text off-screen, and suppress scrollbars to keep hidden content invisible.
Researchers also identified a technique known as Zero Font, which embeds random hidden words directly inside recognizable phishing phrases while assigning the inserted text a font size of zero.
For example, the underlying HTML may contain the phrase “Your pass [hidden text] word expired.”
Because the inserted text is invisible to the user, recipients still read “Your password expired.”
However, security tools looking for the exact phrase in the HTML source may fail to detect it, allowing the phishing email to evade some signature-based and pattern-matching detection methods.
Barracuda says these campaigns demonstrate why modern email security should analyze the message as users actually see it — not just the underlying HTML or source code.
Reducing text salting risk
As phishing techniques continue to evolve, organizations should assume that some malicious emails will eventually bypass traditional defenses.
Defending against text-salting attacks requires a layered strategy that combines advanced email security, strong identity protections, and well-prepared users.
- Deploy layered email security that analyzes rendered content, HTML structure, sender reputation, authentication results, embedded links, and behavioral anomalies rather than relying solely on keyword or AI-based detection.
- Detect hidden-content evasion by identifying differences between the email users see and the underlying source code, including text-salting and other HTML concealment techniques.
- Enable time-of-click URL protection or remote browser isolation to help block malicious websites that evade initial email scans.
- Implement phishing-resistant MFA, such as passkeys or FIDO2 security keys, to reduce the risk of compromised credentials being used for account takeover.
- Strengthen email authentication with SPF, DKIM, and DMARC while using threat intelligence to block known malicious domains and phishing infrastructure.
- Provide regular phishing awareness training and make it easy for employees to report suspicious emails.
- Test incident response plans and use attack simulation tools with scenarios around phishing and email compromise scenarios.
These measures can help organizations reduce overall exposure and build resilience.
Bottom line
Generative AI makes it easier for attackers to produce highly varied hidden text at scale, increasing the use of AI-aware evasion techniques such as text salting.
As a result, security teams should regularly evaluate whether their email security platforms can detect these techniques rather than relying solely on traditional content analysis.
With email-based attacks becoming more adept at evading detection, many organizations are reevaluating broader security strategies such as Zero Trust to reduce the impact of successful phishing attempts.





