Sublime Core Feed

This repo contains open-source Rules for Sublime, a free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing.

Sublime Security

Last updated Apr 2nd, 2026

Feed Source

GitHub

Rule Name & Severity	Author	Last Updated	Labels
Brand impersonation: AARP	Sublime Security	4mo ago Dec 1st, 2025	BEC/Fraud Credential Phishing Impersonation: Brand Social engineering Content analysis Header analysis Sender analysis
Brand impersonation: Adobe (QR code)	Sublime Security	2mo ago Jan 12th, 2026	Credential Phishing Impersonation: Brand PDF QR code Computer Vision Header analysis QR code analysis Sender analysis
Brand impersonation: Adobe Sign with suspicious indicators	Sublime Security	2mo ago Jan 8th, 2026	Credential Phishing Impersonation: Brand Social engineering Content analysis Header analysis HTML analysis Sender analysis
Brand impersonation: Adobe with suspicious language and link	Sublime Security	4mo ago Nov 24th, 2025	Credential Phishing Impersonation: Brand Social engineering Computer Vision Content analysis Header analysis Sender analysis
Brand impersonation: ADP	Sublime Security	2mo ago Jan 12th, 2026	Credential Phishing Impersonation: Brand Social engineering Header analysis Sender analysis
Brand impersonation: AliExpress	Sublime Security	8mo ago Aug 5th, 2025	Callback Phishing Credential Phishing Impersonation: Brand Social engineering Content analysis Header analysis URL analysis
Brand impersonation: Amazon	Sublime Security	1mo ago Feb 13th, 2026	Credential Phishing Impersonation: Brand Social engineering Header analysis Sender analysis
Brand impersonation: Amazon Web Services (AWS)	Sublime Security	5mo ago Oct 10th, 2025	Credential Phishing Impersonation: Brand Social engineering Content analysis Header analysis Optical Character Recognition Sender analysis Natural Language Understanding
Brand impersonation: Amazon with suspicious attachment	Sublime Security	2mo ago Jan 12th, 2026	Credential Phishing Impersonation: Brand Social engineering Computer Vision File analysis Header analysis Natural Language Understanding Optical Character Recognition Sender analysis
Brand impersonation: American Express (AMEX)	Sublime Security	1mo ago Feb 17th, 2026	Credential Phishing Impersonation: Brand Lookalike domain Social engineering Header analysis Sender analysis
Brand impersonation: Apple	Sublime Security	3y ago Aug 21st, 2023	Credential Phishing Impersonation: Brand Social engineering Header analysis Sender analysis
Brand impersonation: Aquent	Sublime Security	5mo ago Oct 9th, 2025	BEC/Fraud Credential Phishing Impersonation: Brand Social engineering Content analysis Header analysis Sender analysis
Brand impersonation: Aramco	Sublime Security	2mo ago Jan 28th, 2026	BEC/Fraud Impersonation: Brand Lookalike domain Social engineering Content analysis Header analysis HTML analysis Natural Language Understanding Sender analysis
Brand impersonation: AuthentiSign	Sublime Security	2mo ago Jan 21st, 2026	Credential Phishing BEC/Fraud Impersonation: Brand Lookalike domain Social engineering Content analysis Header analysis Sender analysis
Brand impersonation: Bank of America	Sublime Security	3d ago Mar 31st, 2026	Credential Phishing Impersonation: Brand Lookalike domain Social engineering Header analysis Sender analysis
Brand impersonation: Barracuda Networks	Sublime Security	2mo ago Jan 12th, 2026	Credential Phishing Impersonation: Brand Lookalike domain Social engineering Header analysis Sender analysis
Brand impersonation: Binance	Sublime Security	7mo ago Sep 3rd, 2025	Credential Phishing Impersonation: Brand Lookalike domain Social engineering Content analysis Header analysis HTML analysis Natural Language Understanding Sender analysis
Brand impersonation: Blockchain[.]com	Sublime Security	2mo ago Jan 21st, 2026	Credential Phishing Impersonation: Brand Lookalike domain Social engineering Header analysis Sender analysis
Brand impersonation: Booking.com	Sublime Security	22d ago Mar 12th, 2026	Credential Phishing Impersonation: Brand Social engineering Natural Language Understanding Header analysis Sender analysis
Brand impersonation: Box file sharing service	Sublime Security	6mo ago Sep 23rd, 2025	Credential Phishing Impersonation: Brand Social engineering Computer Vision Content analysis Header analysis Sender analysis
Brand impersonation: Capital One	Sublime Security	4mo ago Nov 17th, 2025	Credential Phishing Impersonation: Brand Lookalike domain Social engineering Computer Vision Sender analysis Header analysis
Brand impersonation: Charles Schwab	Sublime Security	7mo ago Sep 3rd, 2025	Credential Phishing Impersonation: Brand Lookalike domain Social engineering Header analysis Sender analysis
Brand impersonation: Chase Bank	Sublime Security	1mo ago Mar 2nd, 2026	Credential Phishing Impersonation: Brand Lookalike domain Social engineering Header analysis Sender analysis
Brand impersonation: Chase bank with credential phishing indicators	Sublime Security	2mo ago Jan 12th, 2026	Credential Phishing Impersonation: Brand Social engineering Computer Vision File analysis Natural Language Understanding Sender analysis URL analysis
Brand impersonation: Coinbase	Sublime Security	4mo ago Nov 4th, 2025	Credential Phishing Impersonation: Brand Lookalike domain Social engineering Header analysis Sender analysis
Brand impersonation: Coinbase with suspicious links	Sublime Security	6mo ago Sep 22nd, 2025	Credential Phishing Evasion Free subdomain host Image as content Impersonation: Brand Computer Vision Content analysis File analysis URL analysis
Brand impersonation: Dashlane	Sublime Security	8mo ago Jul 16th, 2025	Credential Phishing Impersonation: Brand Social engineering Header analysis Sender analysis
Brand impersonation: DHL	Sublime Security	4mo ago Dec 1st, 2025	Credential Phishing Impersonation: Brand Lookalike domain Social engineering Header analysis Sender analysis
Brand impersonation: DigitalOcean	Sublime Security	6mo ago Sep 18th, 2025	Credential Phishing Impersonation: Brand Lookalike domain Social engineering Header analysis Sender analysis
Brand impersonation: Discord notification	Sublime Security	5mo ago Oct 23rd, 2025	Credential Phishing Impersonation: Brand Social engineering Computer Vision Content analysis
Brand Impersonation: Disney	Sublime Security	30d ago Mar 4th, 2026	Credential Phishing Impersonation: Brand Social engineering Computer Vision Natural Language Understanding Content analysis Header analysis Sender analysis
Brand impersonation: DocSend	Sublime Security	16d ago Mar 18th, 2026	Credential Phishing Impersonation: Brand Lookalike domain Social engineering Header analysis Sender analysis
Brand impersonation: DocuSign	Sublime Security	1mo ago Feb 24th, 2026	Credential Phishing Impersonation: Brand Lookalike domain Social engineering Spoofing Header analysis Sender analysis URL analysis
Brand impersonation: DocuSign branded attachment lure with no DocuSign links	Sublime Security	5mo ago Oct 22nd, 2025	Credential Phishing Impersonation: Brand Social engineering Computer Vision Content analysis Header analysis Natural Language Understanding Optical Character Recognition Sender analysis URL screenshot
Brand impersonation: DocuSign PDF attachment with suspicious link	Sublime Security	5mo ago Oct 22nd, 2025	Credential Phishing Impersonation: Brand PDF Social engineering File analysis Natural Language Understanding Optical Character Recognition URL analysis
Brand impersonation: DocuSign (QR code)	Sublime Security	5mo ago Oct 15th, 2025	Credential Phishing Impersonation: Brand PDF QR code Social engineering Computer Vision Header analysis QR code analysis Sender analysis
Brand impersonation: DocuSign with embedded QR code	Sublime Security	5mo ago Oct 17th, 2025	Credential Phishing Evasion Image as content Impersonation: Brand QR code Computer Vision Content analysis QR code analysis Sender analysis
Brand impersonation: DoorDash	Sublime Security	2mo ago Jan 12th, 2026	Credential Phishing Impersonation: Brand Social engineering Header analysis Sender analysis
Brand impersonation: Dotloop	Sublime Security	8mo ago Jul 16th, 2025	Credential Phishing Impersonation: Brand Social engineering Header analysis Sender analysis
Brand impersonation: Dropbox	Sublime Security	1mo ago Feb 12th, 2026	Credential Phishing Impersonation: Brand Social engineering Content analysis File analysis Header analysis Sender analysis
Brand impersonation: Enbridge	Sublime Security	1y ago Jan 24th, 2025	BEC/Fraud Credential Phishing Impersonation: Brand Social engineering Content analysis Header analysis Sender analysis
Brand impersonation: Evite	Sublime Security	2mo ago Jan 12th, 2026	Credential Phishing Impersonation: Brand Social engineering Content analysis Sender analysis
Brand impersonation: Exodus	Sublime Security	2mo ago Jan 12th, 2026	Credential Phishing Impersonation: Brand Social engineering Header analysis Natural Language Understanding Sender analysis
Brand impersonation: Fake DocuSign HTML table not linking to DocuSign domains	Sublime Security	3mo ago Dec 10th, 2025	Credential Phishing Impersonation: Brand Social engineering Content analysis HTML analysis Header analysis Sender analysis URL analysis
Brand impersonation: Fake Fax	Sublime Security	1mo ago Feb 5th, 2026	Credential Phishing Impersonation: Brand Image as content Free file host Free subdomain host Social engineering Computer Vision Content analysis Optical Character Recognition Sender analysis URL analysis
Brand impersonation: Fastway	Sublime Security	2mo ago Jan 12th, 2026	Credential Phishing Impersonation: Brand Lookalike domain Social engineering Sender analysis
Brand impersonation: FedEx	Sublime Security	18d ago Mar 16th, 2026	Credential Phishing Impersonation: Brand Lookalike domain Social engineering Header analysis Sender analysis
Brand impersonation: File sharing notification with template artifacts	Sublime Security	2mo ago Jan 23rd, 2026	Credential Phishing Impersonation: Brand Social engineering Evasion HTML analysis Computer Vision Content analysis Header analysis
Brand impersonation: FINRA	Sublime Security	6mo ago Oct 3rd, 2025	Credential Phishing Impersonation: Brand Lookalike domain Social engineering Header analysis Sender analysis
Brand Impersonation: Gemini Trust Company	Sublime Security	2mo ago Jan 12th, 2026	Credential Phishing Impersonation: Brand Social engineering Content analysis URL analysis Sender analysis Header analysis

149 Rules

Page 1 of 3