Sublime Core Feed

This repo contains open-source Rules for Sublime, a free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing.

Sublime Security
Last updated Feb 14th, 2025
Feed Source: GitHub
| Rule Name & Severity | Author | Last Updated | Labels | Rule path |
| --- | --- | --- | --- | --- |
| Advance Fee Fraud (AFF) from freemail provider or suspicious TLD | Sublime Security | Nov 5th, 2024 (3mo ago) | BEC/Fraud, Social engineering, Content analysis, Header analysis, Natural Language Understanding, Sender analysis | /feeds/core/detection-rules/advance-fee-fraud-aff-from-freemail-provider-or-suspicious-tld-6a5af373 |
| AnonymousFox Indicators | Sublime Security | Jul 19th, 2024 (7mo ago) | | /feeds/core/detection-rules/anonymousfox-indicators-2506206e |
| Attachment: Link to Doubleclick.net Open Redirect | Sublime Security | Oct 24th, 2024 (3mo ago) | | /feeds/core/detection-rules/attachment-link-to-doubleclicknet-open-redirect-506c16cc |
| Attachment: PDF file with Link to Fake Bitcoin Exchange | Sublime Security | Aug 21st, 2023 (2y ago) | | /feeds/core/detection-rules/attachment-pdf-file-with-link-to-fake-bitcoin-exchange-47601cb7 |
| Attachment: RFP/RFQ impersonating government entities | Sublime Security | Jan 30th, 2024 (1y ago) | | /feeds/core/detection-rules/attachment-rfprfq-impersonating-government-entities-3b73e3b3 |
| BEC: Employee impersonation with subject manipulation | Sublime Security | Jan 22nd, 2024 (1y ago) | | /feeds/core/detection-rules/bec-employee-impersonation-with-subject-manipulation-9adfc77b |
| BEC/Fraud: Generic Scam attempt to Undisclosed Receipients | Sublime Security | Apr 23rd, 2024 (9mo ago) | | /feeds/core/detection-rules/becfraud-generic-scam-attempt-to-undisclosed-receipients-5dac401f |
| BEC/Fraud - Job Scam Fake thread or plaintext pivot to freemail | Sublime Security | Jan 8th, 2024 (1y ago) | | /feeds/core/detection-rules/becfraud-job-scam-fake-thread-or-plaintext-pivot-to-freemail-ce21c151 |
| BEC/Fraud: Romance Scam | Sublime Security | Nov 23rd, 2023 (2y ago) | | /feeds/core/detection-rules/becfraud-romance-scam-0243cdaa |
| BEC/Fraud: Scam Lure with freemail pivot | Sublime Security | Jun 3rd, 2024 (8mo ago) | | /feeds/core/detection-rules/becfraud-scam-lure-with-freemail-pivot-898c769f |
| BEC/Fraud - Student loan callback phishing | Sublime Security | Oct 4th, 2024 (4mo ago) | | /feeds/core/detection-rules/becfraud-student-loan-callback-phishing-a71f82c3 |
| BEC/Fraud: Urgent Language and Suspicious Sending/Infrastructure Patterns | Sublime Security | Jan 16th, 2025 (1mo ago) | | /feeds/core/detection-rules/becfraud-urgent-language-and-suspicious-sendinginfrastructure-patterns-ba8a79e0 |
| BEC with unusual Reply-to or Return-path mismatch | Sublime Security | Aug 27th, 2024 (5mo ago) | | /feeds/core/detection-rules/bec-with-unusual-reply-to-or-return-path-mismatch-83e5e2df |
| Brand impersonation: Aramco | Sublime Security | Oct 10th, 2024 (4mo ago) | | /feeds/core/detection-rules/brand-impersonation-aramco-96e87699 |
| Brand impersonation: Enbridge | Sublime Security | Jan 24th, 2025 (24d ago) | | /feeds/core/detection-rules/brand-impersonation-enbridge-203a6a28 |
| Brand impersonation: Interac | Sublime Security | Sep 16th, 2024 (5mo ago) | | /feeds/core/detection-rules/brand-impersonation-interac-50a883dc |
| Brand Impersonation: Mailgun | Sublime Security | Nov 15th, 2024 (3mo ago) | | /feeds/core/detection-rules/brand-impersonation-mailgun-59cc84e6 |
| Brand impersonation: Microsoft logo or suspicious language with open redirect | Sublime Security | Mar 7th, 2024 (11mo ago) | | /feeds/core/detection-rules/brand-impersonation-microsoft-logo-or-suspicious-language-with-open-redirect-27b8d8d8 |
| Brand Impersonation: QuickBooks Notification From Intuit Themed Company Name | Sublime Security | Dec 16th, 2024 (2mo ago) | | /feeds/core/detection-rules/brand-impersonation-quickbooks-notification-from-intuit-themed-company-name-42058fc4 |
| Business Email Compromise (BEC) attempt from unsolicited sender | Sublime Security | Apr 23rd, 2024 (9mo ago) | | /feeds/core/detection-rules/business-email-compromise-bec-attempt-from-unsolicited-sender-57eccc45 |
| Business Email Compromise (BEC) attempt from untrusted sender | Sublime Security | Jun 24th, 2024 (7mo ago) | | /feeds/core/detection-rules/business-email-compromise-bec-attempt-from-untrusted-sender-96d4c35a |
| Business Email Compromise (BEC) attempt from untrusted sender (French/Français) | Sublime Security | Nov 14th, 2024 (3mo ago) | | /feeds/core/detection-rules/business-email-compromise-bec-attempt-from-untrusted-sender-frenchfrancais-b7d1e096 |
| Business Email Compromise (BEC) attempt with masked recipients and reply-to mismatch (unsolicited) | Sublime Security | Feb 23rd, 2024 (11mo ago) | | /feeds/core/detection-rules/business-email-compromise-bec-attempt-with-masked-recipients-and-reply-to-mismatch-unsolicited-682191bf |
| Business Email Compromise (BEC) with request for mobile number | Sublime Security | Aug 29th, 2024 (5mo ago) | | /feeds/core/detection-rules/business-email-compromise-bec-with-request-for-mobile-number-514ffd68 |
| COVID-19 themed fraud with sender and reply-to mismatch | Sublime Security | Jun 13th, 2024 (8mo ago) | | /feeds/core/detection-rules/covid-19-themed-fraud-with-sender-and-reply-to-mismatch-a16480ef |
| Employee Impersonation: Payroll Fraud | Sublime Security | Dec 16th, 2024 (2mo ago) | | /feeds/core/detection-rules/employee-impersonation-payroll-fraud-2beb7d85 |
| Employee impersonation with urgent request (untrusted sender) | Sublime Security | Jul 17th, 2024 (7mo ago) | | /feeds/core/detection-rules/employee-impersonation-with-urgent-request-untrusted-sender-1ce9a146 |
| Extortion / Sextortion - PDF attachment leveraging breach data from freemail sender | Sublime Security | Feb 3rd, 2025 (14d ago) | | /feeds/core/detection-rules/extortion-sextortion-pdf-attachment-leveraging-breach-data-from-freemail-sender-efb5a213 |
| Fake Message Thread - Untrusted Sender with a Mismatched Freemail Reply-To Address | Sublime Security | Jan 9th, 2025 (1mo ago) | | /feeds/core/detection-rules/fake-message-thread-untrusted-sender-with-a-mismatched-freemail-reply-to-address-ca64e819 |
| Fake request for tax preparation | Sublime Security | Jul 12th, 2024 (7mo ago) | | /feeds/core/detection-rules/fake-request-for-tax-preparation-e36b85b3 |
| Fake thread with suspicious indicators | Sublime Security | Aug 7th, 2024 (6mo ago) | | /feeds/core/detection-rules/fake-thread-with-suspicious-indicators-c2e18a57 |
| File sharing link with a suspicious subject | Sublime Security | Apr 23rd, 2024 (9mo ago) | | /feeds/core/detection-rules/file-sharing-link-with-a-suspicious-subject-a306e2a6 |
| Fraudulent E-commerce Operators | Sublime Security | Nov 20th, 2024 (2mo ago) | | /feeds/core/detection-rules/fraudulent-e-commerce-operators-3776a6fc |
| Headers: iOS/iPadOS mailer with invalid build number | Sublime Security | Aug 17th, 2023 (2y ago) | | /feeds/core/detection-rules/headers-iosipados-mailer-with-invalid-build-number-e0b74072 |
| Honorific greeting BEC attempt with sender and reply-to mismatch | Sublime Security | Aug 27th, 2024 (5mo ago) | | /feeds/core/detection-rules/honorific-greeting-bec-attempt-with-sender-and-reply-to-mismatch-aa41b1b7 |
| HR Impersonation via E-sign Agreement Comment | Sublime Security | Nov 15th, 2024 (3mo ago) | | /feeds/core/detection-rules/hr-impersonation-via-e-sign-agreement-comment-796c6f0f |
| Impersonation: Human Resources with link or attachment and engaging language | Sublime Security | Feb 14th, 2025 (3d ago) | | /feeds/core/detection-rules/impersonation-human-resources-with-link-or-attachment-and-engaging-language-8c95a6a8 |
| Impersonation: Suspected supplier impersonation with suspicious content | Sublime Security | Feb 3rd, 2025 (14d ago) | | /feeds/core/detection-rules/impersonation-suspected-supplier-impersonation-with-suspicious-content-63d8b1ce |
| Job Scam (unsolicited sender) | Sublime Security | Dec 5th, 2024 (2mo ago) | | /feeds/core/detection-rules/job-scam-unsolicited-sender-a37dc32d |
| Link: Invoice or receipt from freemail sender with customer service number | @vector_sec | Oct 4th, 2023 (2y ago) | | /feeds/core/detection-rules/link-invoice-or-receipt-from-freemail-sender-with-customer-service-number-3825232d |
| Lookalike sender domain (untrusted sender) | Sublime Security | Jun 3rd, 2024 (8mo ago) | | /feeds/core/detection-rules/lookalike-sender-domain-untrusted-sender-67721993 |
| Microsoft Infrastructure Abuse With Suspicious Patterns | Sublime Security | Jan 7th, 2025 (1mo ago) | | /feeds/core/detection-rules/microsoft-infrastructure-abuse-with-suspicious-patterns-cfe8e804 |