How to protect yourself from ZeroFont email scams

Authored by Aviva

It'd be nice if emails came with a security message that confirmed 100% that the email is safe but unfortunately, that’s not always possible. Even if your company uses technical controls that help scan emails for known threats, and these controls are updated regularly, the problem remains that new threats are created every day. It’s crucial that you and your clients remain vigilant, because sophisticated phishing emails could get through and land in inboxes.

If you come across an email that bears a security message advising you that “this email is 100% safe” then proceed with caution as the message could be fake and designed to lure you into a false sense of security.

Real security messages are more likely to promote vigilance, whereas suspicious emails are more likely to encourage you to trust them without question.

ZeroFont is a relatively new phishing tactic, whereby threat actors add a fake (and reassuring) security message at the beginning of an email but in font size 0, making the message appear only in the “listing pane” in Outlook, but not when you look at the email body or open the email.

See the below image for an example of a fake security message. In this case, it reads “This email and its content were scanned and confirmed safe” and doesn’t appear in the email body copy itself but does appear in the listing pane. 

This tactic is designed to trick recipients but also has the potential to fool email security controls too.

If you or your clients do come across anything like this at work or at home, or if you have any doubts about an email, be careful. Don't click on any links or attachments in the email, but follow your internal process to report the suspicious email or report it to report@phishing.gov.uk. 

Make it yours

Broker Create allows you to personalise ‘A quick guide to phishing in the workplace’ with your logo and contact details, before sharing with your clients.

Find out more