Scammers are using a technique called the zero-font tactic to bypass spam filters and deceive email recipients. This method involves inserting invisible text with a font size of zero, which is not seen by the reader but can be read by the email software. The hidden text can serve to disrupt spam detection systems or to generate false antivirus scan results in email previews, misleading the recipient into thinking the email has been verified as safe.
The zero-font tactic is particularly effective because it allows the scammer to include sensitive words or phrases that would normally trigger spam filters without being detected. For example, a scammer could break up the words “Microsoft Corporation” with invisible text, causing the email service to miss these terms during scans, while the recipient sees the intact phrase when the email is displayed.
To protect against zero-font attacks, individuals should exercise caution with emails that appear suspicious, even if they seem to have passed antivirus checks. Familiarizing oneself with common signs of phishing and fraudulent emails is crucial, as is skepticism towards any email that claims to be virus-free. Vigilance and informed email practices are key to avoiding the traps set by scammers using zero-font tactics.
Key Takeaways:
- Scammers use zero-font techniques to insert invisible text in emails, evading spam filters and disguising malicious content.
- Invisible text can be used to impersonate legitimate companies in email content without being detected by security systems.
- Hackers have exploited zero-font text to generate false email preview information, misleading recipients about the safety of the email’s contents.
“Zero-font tactics can skirt these scans by adding ‘junk text’ to the email, thus clogging up the scan. One particularly famous case back in 2018 used this method to get around Office 365’s security, as reported by Avanan.”
More details: here
Leave a Reply