<ul><li>Threat actors exploit Cascading Style Sheets (CSS) to bypass spam filters and detection engines, and track users’ actions and preferences.</li><li>Cisco Talos observed threat actors abusing CSS to evade detection and track user behavior, raising security and privacy concerns.</li><li>Attackers use CSS properties like text-indent and font-size to hide phishing text in emails and bypass security parsers.</li><li>Threat actors can also track user behavior and conduct fingerprinting attacks using CSS, gathering data on recipients' preferences and system information.</li></ul>

Attackers use CSS to create evasive phishing messages

Discover more