Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Hackers Use CSS to Evade Spam Filters

March 17, 2025
Reading Time: 2 mins read
in Alerts
Hackers Use CSS to Evade Spam Filters

In 2024 and early 2025, security researchers uncovered a worrying trend where hackers exploit Cascading Style Sheets (CSS) to bypass spam filters and secretly track user actions. By embedding hidden text or utilizing CSS properties, attackers can evade detection by email security systems. Cisco Talos discovered a method called “hidden text salting,” where invisible content is added using the text-indent property, causing the malicious content to be harder for filters to detect. This technique has been widely used in phishing campaigns.

Attackers have also been leveraging the opacity property in CSS to hide text from view but still affect detection mechanisms.

This allows them to hide malicious content within an email, making it invisible to human eyes while still detectable by spam filters. As spam detection systems continue to evolve, threat actors are finding new ways to bypass them using seemingly harmless properties like text-indent and opacity to obscure their tracks and avoid detection.

Another tactic identified by researchers involves the use of CSS to covertly track user behaviors without relying on JavaScript.

Phishing emails use CSS media queries to collect data on when an email is opened, whether it’s printed, and which email client is being used. This data can help attackers personalize phishing campaigns and track user actions, including determining device preferences, operating system types, and screen sizes, providing further insight into the user’s behavior.

Security experts recommend advanced email filtering mechanisms and AI-driven detection to combat these evolving threats. Email privacy proxies, which rewrite remote resources and convert CSS rules into style attributes, can help prevent unauthorized tracking. With CSS exploitation techniques growing more sophisticated, organizations are advised to stay vigilant and update their security measures to address these hidden threats effectively.

Reference:
  • Hackers Use Cascading Style Sheets to Bypass Spam Filters and Track Users
Tags: Cyber AlertsCyber Alerts 2025CyberattackCybersecurityMarch 2025
ADVERTISEMENT

Related Posts

Linux Core Dump Flaws Risk Password Leaks

Linux Core Dump Flaws Risk Password Leaks

June 2, 2025
Linux Core Dump Flaws Risk Password Leaks

GitHub Code Flaw Replicated By AI Models

June 2, 2025
Linux Core Dump Flaws Risk Password Leaks

Google Script Used In New Phishing Scams

June 2, 2025
OneDrive Flaw Gives Sites Full Data Access

OneDrive Flaw Gives Sites Full Data Access

May 30, 2025
OneDrive Flaw Gives Sites Full Data Access

Fake AI Apps Drop Ransomware And Malware

May 30, 2025
OneDrive Flaw Gives Sites Full Data Access

EDDIESTEALER Uses Fake CAPTCHAs for Stealing

May 30, 2025

Latest Alerts

Linux Core Dump Flaws Risk Password Leaks

GitHub Code Flaw Replicated By AI Models

Google Script Used In New Phishing Scams

EDDIESTEALER Uses Fake CAPTCHAs for Stealing

Fake AI Apps Drop Ransomware And Malware

OneDrive Flaw Gives Sites Full Data Access

Subscribe to our newsletter

    Latest Incidents

    Covenant Health Cyberattack Shuts Hospitals

    Moscow DDoS Attack Cuts Internet For Days

    Puerto Rico’s Justice Department Cyberattack

    State Actors Hit ConnectWise ScreenConnect

    Ivanti Flaw Hits NHS Staff and Patient Data

    Amalgamated Sugar Data Breach Exposes SSNs

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial