'This creates a layered form of obfuscation': New report says criminals are using emojis to avoid detection

News
By published

Security analysts aren't scanning the dark web for emojis

Angry emoji
(Image credit: Shutterstock)
  • Flashpoint warns cybercriminals use emojis to evade detection
  • Emojis replace fraud and financial keywords to bypass filters
  • Symbols like 💳, 🔑, 🤖 signal cards, credentials, and malware

Just as everyone else these days, cybercriminals use emojis, too. But they’re not just using them to make their messages fun or exciting, they’re also using them to hide their communication in plain sight and evade security analysts’ scrutiny.

This is according to a new report from threat intelligence experts, Flashpoint. Published earlier this week, Flashpoint says threat actors may substitute emojis for keywords associated with fraud techniques, financial activity, as well as specific platforms or services.

“For example, replacing “credit card” with 💳 or “bank” with 🏦 can help bypass basic keyword filters or reduce visibility in automated moderation systems,” the report states. “When combined with slang, abbreviations, and multilingual phrasing, this creates a layered form of obfuscation that complicates large-scale monitoring efforts.”

Article continues below

In other words, security professionals scouring the dark web for news of breaches and new malware services need to start adding emojis to the list of monitored keywords, too.

Numerous categories

Flashpoint has split the emojis crooks use into a few categories, such as Financial Activity, Access Credentials and Compromise, Tools, Automations, and Services, Targets and Geography, and Urgency, Success, and Status.

Some emojis, such as 💰 and 💸 can signal profit, successful fraud, or payouts, while 🪙 can suggest cryptocurrency-related activity.

These emojis - 🔑, or 🔓, relate to credentials and account access, as well as successful breaches and unlocked accounts. For Tools, Automation, and Services, emojis like 🤖, ⚙️, or 🧰 describe malware, settings, toolkits and bundled services.

The full list of analyzed emojis can be found here.

Flashpoint also says that there is another practical side to using emojis and that is - being able to communicate properly across regions and languages. Not everyone in the cybercriminal community speaks (proper) English, and being able to inform everyone about certain activity - quickly - most definitely helps.

All we’ll add to that is - 🤮

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

TOPICS
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.