Email Security Blog

The Magic Behind Disappearing Warning Banners: A Growing Threat in Email Phishing

In 1918, to the thrill of stunned audience members, magician Harry Houdini made a 10,000-pound elephant disappear.

Today, at least in the phishing world, the latest elephant in the room is a new little trick performed by black hats in which suspicious email warning banners disappear.

What’s All the Hocus Pocus About?

There is a growing trend in email phishing scams and it’s sophisticated enough to be fooling Secure Email Gateways (SEGs) worldwide. It revolves around the standard warning banners many email security providers insert into emails. The banners are not particularly new - Microsoft introduced the technology in 2013 - and they display one of a few fixed messages. Green for good emails, red for potentially bad ones. The banners are inserted into the emails before they leave the gateway – which is an important point to remember.

Poof! It’s Gone

Unfortunately, cybercriminals have a new trick up their sleeve. Using cascading style sheets (CSS), phishers have figured out how to make these warning banners disappear from emails.

What’s worse is that in their place, hackers are inserting a banner of their own, thus convincing unsuspecting victims that the very phishing email they have sent is considered safe. From there, it’s just a matter of a few wrongs clicks and the black magic begins. Malware, ransomware, spear phishing, brand forgery… you name it.

Voilà! INKY Has the Solution

As mentioned, these standard Microsoft banners are inserted into the email after they leave the SEG. That’s where INKY comes in. One of INKY’s many charms is that our Phishfence sits downstream from the SEGs and therefore catches what they can’t. In this case, thwarting the trickery behind the black hats’ disappearing banner act.

Understanding Phishing - Disappearing Banners - book imageYou see, INKY’s HTML rendering process can detect elements that are invisible to others. This high-level analysis uses computer vision, artificial intelligence, and machine learning to see – and catch – everything.

Read the details behind this latest phishing scam, including the specific tactics used by the cybercriminals in this unique and deceptive security breach. Read our downloadable report, Disappearing Banners and What to Do About Them.

Then, let us show you a few tricks of our own during a free INKY demonstration.

----------------------

INKY® is the most effective hero in the war against phishing. An award-winning cloud-based email security solution, INKY® prevents the most complex phishing threats from disrupting or even immobilizing your company’s day-to-day business operations. Using computer vision, artificial intelligence, and machine learning, INKY® is the smartest investment you can make in the security of your organization. INKY® is a proud winner of the NYCx Cybersecurity Moonshot Challenge and a finalist in the 2020 RSAC Innovation Sandbox Competition. Learn more about INKY® or request an online demonstration today.

Topics: