Rule Name & Severity | Author | Last Updated | Labels | |
|---|---|---|---|---|
Reconnaissance: Hotel booking reply-to redirect | Sublime Security | 11d ago Jan 27th, 2026 | /feeds/core/detection-rules/reconnaissance-hotel-booking-reply-to-redirect-08c36035 | |
Reconnaissance: Short generic greeting message | Sublime Security | 11d ago Jan 27th, 2026 | /feeds/core/detection-rules/reconnaissance-short-generic-greeting-message-c67dedab | |
Request for Quote or Purchase (RFQ|RFP) with suspicious sender or recipient pattern | Sublime Security | 23d ago Jan 15th, 2026 | /feeds/core/detection-rules/request-for-quote-or-purchase-rfqorrfp-with-suspicious-sender-or-recipient-pattern-2ac0d329 | |
Scam: Piano giveaway | Sublime Security | 1mo ago Dec 11th, 2025 | /feeds/core/detection-rules/scam-piano-giveaway-1a91a203 | |
Service abuse: Free provider with SendGrid routing | Sublime Security | 30d ago Jan 8th, 2026 | /feeds/core/detection-rules/service-abuse-free-provider-with-sendgrid-routing-3079cacb | |
Service abuse: Google Drive share from an unsolicited reply-to address | Sublime Security | 6mo ago Aug 5th, 2025 | /feeds/core/detection-rules/service-abuse-google-drive-share-from-an-unsolicited-reply-to-address-4581ec0c | |
Service abuse: Google Drive share from new reply-to domain | Sublime Security | 2mo ago Nov 13th, 2025 | /feeds/core/detection-rules/service-abuse-google-drive-share-from-new-reply-to-domain-c1a2d367 | |
Spam: Default Microsoft Exchange Online sender domain (onmicrosoft.com) | Sublime Security | 26d ago Jan 12th, 2026 | /feeds/core/detection-rules/spam-default-microsoft-exchange-online-sender-domain-onmicrosoftcom-3f2a64ce | |
Spam: Fake dating profile notification | Sublime Security | 2mo ago Dec 3rd, 2025 | /feeds/core/detection-rules/spam-fake-dating-profile-notification-0f33fea2 | |
Spam: New link domain (<=10d) and emojis | Sublime Security | 6mo ago Jul 16th, 2025 | /feeds/core/detection-rules/spam-new-link-domain-less10d-and-emojis-33677993 | |
Spam: Sexually explicit Google Drive share | Sublime Security | 6mo ago Aug 5th, 2025 | /feeds/core/detection-rules/spam-sexually-explicit-google-drive-share-3f951c06 | |
Spam: Sexually explicit Google group invitation | Sublime Security | 2mo ago Nov 12th, 2025 | /feeds/core/detection-rules/spam-sexually-explicit-google-group-invitation-4e0bec29 | |
Spam: Sexually explicit Looker Studio report | Sublime Security | 4mo ago Oct 2nd, 2025 | /feeds/core/detection-rules/spam-sexually-explicit-looker-studio-report-f1e649cd | |
Spam: SMTP & Proxy Communications in Email Body | Sublime Security | 2mo ago Dec 2nd, 2025 | /feeds/core/detection-rules/spam-smtp-and-proxy-communications-in-email-body-2bdc6a3b | |
Spam: Unsolicited malformed PDF | Sublime Security | 6mo ago Jul 16th, 2025 | /feeds/core/detection-rules/spam-unsolicited-malformed-pdf-f0c50031 | |
Spam: URL shortener with short body content and emojis | Sublime Security | 26d ago Jan 12th, 2026 | /feeds/core/detection-rules/spam-url-shortener-with-short-body-content-and-emojis-b7797e4c | |
Suspicious mailer received from Gmail servers | Sublime Security | 6mo ago Jul 16th, 2025 | /feeds/core/detection-rules/suspicious-mailer-received-from-gmail-servers-f05f04ee | |
Suspicious request for financial information | Sublime Security | 2mo ago Dec 6th, 2025 | /feeds/core/detection-rules/suspicious-request-for-financial-information-4ebdaa4d | |
Suspicious SharePoint file sharing | Sublime Security | 6mo ago Aug 5th, 2025 | /feeds/core/detection-rules/suspicious-sharepoint-file-sharing-971c3d9c | |
VIP Impersonation via Google Group relay with suspicious indicators | Sublime Security | 2mo ago Nov 12th, 2025 | /feeds/core/detection-rules/vip-impersonation-via-google-group-relay-with-suspicious-indicators-57f9cd3b |