View Glossary

ZeroFont Phishing

ZeroFont Phishing image
What is it?
Hidden text in emails using font-size:0 or similar CSS tricks. Appears in preview pane but not in the visible body to falsely reassure recipients.

Testing?

  • Inspect raw HTML > Look for <span style="font-size:0px"> or display:none tags.
  • Compare preview vs body > If preview mentions “secure” or “verified” but body doesn’t, flag it.
  • Search for suspicious phrases > Hidden text often says “This email is safe” or “Verified sender.”
  • Automation > flag any zero-font or hidden text in email HTML.
  • Cross-Client checks > test in Gmail, Outlook, Apple Mail - as we all know behavior varies.
  • Educate users and peers > remind them 'Preview text can be manipulated - verify sender and links before clicking.'

See also - how to identify people using AI when applying for jobs...
Aj Wilson
Aj Wilson
9th December 2025
Add Definition
Explore MoT
Choosing AI-Powered API Testing Tools: What Capabilities Really Matter image

Choosing AI-Powered API Testing Tools: What Capabilities Really Matter

Thu, 19 Feb
In this webinar, Parasoft experts will discuss what to look for when selecting an AI-powered API testing solution.
MoT Software Testing Essentials Certificate image
MoT Software Testing Essentials Certificate
Boost your career in software testing with the MoT Software Testing Essentials Certificate. Learn essential skills, from basic testing techniques to advanced risk analysis, crafted by industry experts.
Certification
Into The Motaverse image
Into The Motaverse
Into the MoTaverse is a podcast by Ministry of Testing, hosted by Rosie Sherry, exploring the people, insights, and systems shaping quality in modern software teams.
Subscribe to our newsletter
We'll keep you up to date on all the testing trends.