Cybercriminals Exploit CSS to Dodge Spam Detection and Monitor Emails

Bisma Farrukh

Bisma Farrukh

March 18, 2025
Updated on March 18, 2025
Cybercriminals Exploit CSS to Dodge Spam Detection and Monitor Emails

Malicious actors have found a new way to exploit Cascading Style Sheets (CSS), which are primarily used for styling web pages, to bypass spam filters and invade users’ privacy. According to recent findings by Cisco Talos, these malicious tactics pose serious risks to both security and personal information.

Omid Mirzaei, a researcher at Talos, noted that while email clients restrict many dynamic content features, such as JavaScript, the same isn’t true for CSS. This freedom allows attackers to track users’ interactions and preferences more effectively.

The report highlights an alarming rise in email threats that utilize a technique known as hidden text salting, especially noted in the latter half of 2024. This method involves using HTML and CSS to embed invisible comments or irrelevant content in emails, which can confuse spam filters and security systems.

Researchers discovered that threat actors employ CSS styles, such as text indent and opacity, to hide unwanted content from the email body. Sometimes, the ultimate aim is to lead unsuspecting recipients to phishing websites, where they could fall victim to further scams.

Additionally, CSS can be exploited to track user behavior through spam emails. Attackers might use properties like the @media CSS at-rule to perform fingerprinting attacks, gathering details about user preferences and their system environment. Mirzaei elaborated on this, revealing that such tactics could identify recipients’ font choices, color schemes, language settings, and actions like viewing or printing emails.

To counter these emerging threats, experts recommend implementing sophisticated filtering techniques to detect hidden text and concealed content and adopting email privacy proxies. These measures can help fortify users’ defenses against these evolving cyber risks.

Was this article helpful?
Thanks for your feedback!

About The Author

Bisma Farrukh

Bisma is a seasoned writer passionate about topics like cybersecurity, privacy and data breach issues. She has been working in VPN industry for more than 5 years now and loves to talk about security issues. She loves to explore the books and travel guides in her leisure time.

No comments were posted yet

Leave a Reply

Your email address will not be published.


CAPTCHA Image
Reload Image