Attack Type: BEC/Fraud

Business Email Compromise (BEC) and fraud attacks rely on deception and social engineering. Instead of using links or attachments, attackers impersonate trusted figures like coworkers, executives, or vendors to trick you into sharing sensitive information or transferring funds. These attacks can bypass traditional security tools because the emails often seem harmless.
Expect fake invoices, urgent wire transfer requests, or a vendor asking you to update payment details. The first email is usually brief—just enough to start a conversation. The attacker might spoof a display name, reply to an old thread, or ask you to continue the conversation via personal email or phone. That is often the giveaway.
Even though these attacks may appear low-effort, the impact can be significant. They can lead to wire fraud, compliance violations, and damage to the organization's reputation. Organizations lose billions to BEC attacks each year.
Rule Name & Severity
Last Updated
Author
Types, Tactics & Capabilities
Stripe invoice abuse
2d ago
Jul 14th, 2026
Sublime Security
Brand impersonation: Internal Revenue Service
2d ago
Jul 14th, 2026
Sublime Security
Business Email Compromise (BEC) with request for mobile number
2d ago
Jul 14th, 2026
Sublime Security
Credential phishing: Generic document share with unicode and proceedural greeting template
2d ago
Jul 14th, 2026
Sublime Security
VIP impersonation: VIP payment redirect handoff via fake threads
3d ago
Jul 13th, 2026
Sublime Security
VIP impersonation: Payment handoff with VIP display name authored fake threads
3d ago
Jul 13th, 2026
Sublime Security
VIP impersonation: Fake thread with VIPs missing email metadata
3d ago
Jul 13th, 2026
Sublime Security
Link: Generic financial document with proceedural timeline template
6d ago
Jul 10th, 2026
Sublime Security
Impersonation: Employee name in subject with suspicious sender
6d ago
Jul 10th, 2026
Sublime Security
Brand impersonation: AARP
7d ago
Jul 9th, 2026
Sublime Security
Observed IOC: Malicious sender email addresses
7d ago
Jul 9th, 2026
Sublime Security
Reconnaissance: Fake real estate inquiry with empty body
8d ago
Jul 8th, 2026
Sublime Security
VIP impersonation: VIP name within a delimited subject with fake previous threads
8d ago
Jul 8th, 2026
Sublime Security
VIP impersonation: Fabricated thread history with fake VIP recipients
8d ago
Jul 8th, 2026
Sublime Security
AnonymousFox indicators
8d ago
Jul 8th, 2026
Sublime Security
VIP impersonation: Fake forwarded indicator with VIP recipient impersonation
9d ago
Jul 7th, 2026
Sublime Security
VIP impersonation: Invoice fraud with mobile device sign-off
9d ago
Jul 7th, 2026
Sublime Security
VIP impersonation: VIP recipient of previous thread with HTML generator
9d ago
Jul 7th, 2026
Sublime Security
Business Email Compromise: Request for mobile number via reply thread hijacking
10d ago
Jul 6th, 2026
Sublime Security
BEC/Fraud: Unsolicited business acquisition offer
10d ago
Jul 6th, 2026
Sublime Security