The evolution of cybersecurity has hit a paradoxical wall: while the industry pivots toward Large Language Models (LLMs) and machine learning to block threats, attackers are finding surprising success by returning to rudimentary methods. "Text salting," an obfuscation technique from the early 2000s, is proving effective at neutralizing even the most sophisticated AI filters.
Confusing the Algorithm
The mechanics of text salting are deceptively simple. It involves peppering a malicious email with random, harmless-looking words. These additions can be visible but out of context, or completely hidden using HTML and CSS properties to make them invisible to the human eye while remaining readable by email parsers.
According to Barracuda, the goal is to flood content analysis engines with benign terms, nudging the AI toward an incorrect classification decision. Instead of flagging a phishing pattern, the system perceives a harmless overall "flavor," allowing the message to slip into the inbox.
A Million-Email Surge
The impact of this resurgence is significant. Since April 2026, Barracuda has detected over one million retail-themed phishing attacks utilizing text salting. The danger lies in its ability to manipulate not only keyword-based filters but also language detection modules and advanced semantic analysis. Reports indicate this strategy has been used to circumvent Microsoft's security filters and impersonate brands like Norton LifeLock.
This vulnerability highlights a structural flaw in modern defenses: the tendency to be overwhelmed by infinite variations of functionally identical spam, making per-item analysis increasingly inefficient.
Beyond Spam: Linguistic Steganography
While text salting relies on "noise," the threat landscape is shifting toward more sophisticated concealment. Projects like conversation-steganography demonstrate how LLMs can be used to hide secret messages within seemingly normal chat text, turning AI from a defender into an obfuscation tool.
This trend fits into a broader professionalization of cybercrime, where AI is used not just for hacking but for psychological manipulation and extortion in industrial-scale ransomware operations.
Defense Outlook
The lesson for IT decision-makers is clear: total reliance on AI is a risk. A layered defense strategy—combining behavioral analysis, strict HTML integrity checks, and continuous user education—remains the only viable way to counter techniques that, despite their age, still find gaps in modern email architecture.
