Malicious actors are exploiting Cascading Style Sheets (CSS), which are used to style and format the layout of web pages, to bypass spam filters and track users.
That is according to new findings from Cisco Talos, which state that such malicious activity can endanger a victim's security and privacy.
“The features available in CSS allow attackers and spammers to track users’ actions and preferences, though several dynamic content features (such as JavaScript) are limited in email compared to web browsers,” Talos researcher Omid Mirzaei noted in a report published last week.
The findings build on previous conclusions from the cybersecurity company about a spike in email threats that used hidden text in the second half of 2024 to bypass spam filters and security gateways.
This technique specifically entails using legitimate features of Hypertext Markup Language (HTML) and CSS to include comments and irrelevant content that are invisible to the victim when the message is rendered in an email client, but that parsers and detection engines still process.
Talos' latest analysis revealed that threat actors use CSS properties such as `text-indent` and `opacity` to hide irrelevant content displayed in the email body. The ultimate goal of these campaigns, in some cases, is to redirect email recipients to a phishing page.
In addition, CSS has been found to give threat actors a way to track users through the `@media` CSS at-rule, thus opening the door to potential fingerprinting attacks.
“This abuse can range from identifying recipients’ preferences and color schemes and the client’s language to even tracking their actions (such as viewing or printing emails),” Mirzaei explained.
“CSS provides a wide range of rules and properties that can help spammers and threat actors fingerprint users, their webmail or email clients, and their system.”
To mitigate the risk of such threats, it is recommended to implement advanced filtering mechanisms that detect hidden text and content concealment, as well as to use email privacy proxies.
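One way to approach the filtering recommended above, as an added example that is not from the Talos report or any Cisco product: a Python scanner that flags inline `text-indent` and `opacity` concealment and `@media` blocks that load a remote URL. The thresholds, the `scan` and `EmailCssScanner` names, and the sample message are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Patterns and thresholds are assumptions for this example, not Talos rules.
INDENT_RE = re.compile(r"text-indent\s*:\s*(-?\d+(?:\.\d+)?)", re.I)
OPACITY_RE = re.compile(r"(?<![\w-])opacity\s*:\s*(\d*\.?\d+)", re.I)
MEDIA_RE = re.compile(r"@media\s*([^{]+)\{((?:[^{}]|\{[^{}]*\})*)\}", re.I)
REMOTE_URL_RE = re.compile(r"url\(\s*['\"]?(https?://[^'\")\s]+)", re.I)

def check_style(style):
    """Return reasons why an inline style conceals the element's text."""
    reasons = []
    if (m := INDENT_RE.search(style)) and float(m.group(1)) <= -100:
        reasons.append("text-indent off-screen")
    if (m := OPACITY_RE.search(style)) and float(m.group(1)) <= 0.05:
        reasons.append("near-zero opacity")
    return reasons

class EmailCssScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings, self.in_style = [], False

    def handle_starttag(self, tag, attrs):
        self.in_style = tag == "style"
        for reason in check_style(dict(attrs).get("style") or ""):
            self.findings.append(("hidden-content", tag, reason))

    def handle_endtag(self, tag):
        self.in_style = False  # <style> holds no nested tags, so this closes it

    def handle_data(self, data):
        # Flag only @media blocks that fetch a remote resource when they match;
        # ordinary responsive or dark-mode rules are left alone.
        for query, body in MEDIA_RE.findall(data if self.in_style else ""):
            for url in REMOTE_URL_RE.findall(body):
                self.findings.append(("media-beacon", query.strip(), url))

def scan(html):
    scanner = EmailCssScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings

# Constructed sample body (not taken from the Talos report).
SAMPLE = """<style>
@media print { #p { background-image: url("https://tracker.example/p?id=1"); } }
@media (prefers-color-scheme: dark) { body { color: #eee; } }
</style><p>Your invoice is ready.</p>
<div style="text-indent: -9999px">filler</div><span style="opacity:0">filler</span>"""
```

Findings are returned as `(kind, tag_or_media_query, detail)` tuples, so a gateway can score or quarantine on them rather than on the visible text alone.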