• Computer Vision

Detection Method: Computer Vision

Computer Vision uses image recognition to analyze visual elements in messages, attachments, and web content to detect threats or impersonation attempts. It examines logos, screenshots, and HTML to find signs of phishing or fraud.
Computer Vision can detect:
  • Brand impersonation with fake logos (e.g., Microsoft, PayPal)
  • Visual elements of phishing pages, like login forms
  • CAPTCHAs used to bypass security systems
  • Malicious content disguised as legitimate visuals
For example, attackers often create fake login pages mimicking trusted brands, and Computer Vision can detect these attempts by recognizing misused logos with high confidence.
Blog Posts
Living Off the Land: Callback Phishing via Docusign comment
Living Off the Land: Callback Phishing via Docusign comment
QR Code Phishing: Decoding Hidden Threats
QR Code Phishing: Decoding Hidden Threats
Call Me Maybe? The Rise of Callback Phishing Emails
Call Me Maybe? The Rise of Callback Phishing Emails
Attack Types (2):
Callback Phishing
Credential Phishing
Tactics & Techniques (11):
Evasion
Free email provider
Impersonation: Brand
Social engineering
Free file host
Image as content
PDF
QR code
Exploit
Out of band pivot
Free subdomain host
Rule Name & Severity
Last Updated
Author
Types, Tactics & Capabilities
Callback phishing via Intuit service abuse
2d ago
May 21st, 2025
Sublime Security
Callback Phishing
Evasion
Free email provider
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Optical Character Recognition
/feeds/core/detection-rules/callback-phishing-via-intuit-service-abuse-f2fe1294
Link: Multistage Landing - Scribd Document
7d ago
May 16th, 2025
Sublime Security
Credential Phishing
Evasion
Social engineering
Impersonation: Brand
Free file host
URL analysis
HTML analysis
Natural Language Understanding
Computer Vision
Optical Character Recognition
URL screenshot
/feeds/core/detection-rules/link-multistage-landing-scribd-document-afa9807d
Attachment: Adobe image lure in body or attachment with suspicious link
7d ago
May 16th, 2025
Sublime Security
Credential Phishing
Image as content
Impersonation: Brand
Content analysis
Computer Vision
Optical Character Recognition
Sender analysis
URL analysis
/feeds/core/detection-rules/attachment-adobe-image-lure-in-body-or-attachment-with-suspicious-link-1d7add81
Brand Impersonation: Zoom
8d ago
May 15th, 2025
Sublime Security
Credential Phishing
Impersonation: Brand
Social engineering
Evasion
Computer Vision
Content analysis
HTML analysis
Natural Language Understanding
URL analysis
/feeds/core/detection-rules/brand-impersonation-zoom-5abad540
Link: Multistage Landing - Ludus Presentation
9d ago
May 14th, 2025
Sublime Security
Credential Phishing
Evasion
Social engineering
Impersonation: Brand
Header analysis
URL analysis
Computer Vision
URL screenshot
Natural Language Understanding
Optical Character Recognition
Sender analysis
/feeds/core/detection-rules/link-multistage-landing-ludus-presentation-a8b3c311
Brand impersonation: Amazon with suspicious attachment
9d ago
May 14th, 2025
Sublime Security
Credential Phishing
Impersonation: Brand
Social engineering
Computer Vision
File analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
/feeds/core/detection-rules/brand-impersonation-amazon-with-suspicious-attachment-5751dcb9
Link: Figma Design Deck With Credential Phishing Language
16d ago
May 7th, 2025
Sublime Security
Credential Phishing
Evasion
Free file host
Social engineering
Natural Language Understanding
Computer Vision
Optical Character Recognition
URL analysis
URL screenshot
Sender analysis
/feeds/core/detection-rules/link-figma-design-deck-with-credential-phishing-language-87601924
Brand impersonation: Microsoft with embedded logo and credential theft language
16d ago
May 7th, 2025
Sublime Security
Credential Phishing
Impersonation: Brand
Social engineering
Computer Vision
Natural Language Understanding
Sender analysis
/feeds/core/detection-rules/brand-impersonation-microsoft-with-embedded-logo-and-credential-theft-language-3ee9ef3d
Credential phishing content and link (untrusted sender)
16d ago
May 7th, 2025
Sublime Security
Credential Phishing
Social engineering
Computer Vision
Sender analysis
URL analysis
URL screenshot
/feeds/core/detection-rules/credential-phishing-content-and-link-untrusted-sender-f0c95bb7
Brand impersonation: Microsoft with low reputation links
16d ago
May 7th, 2025
Sublime Security
Credential Phishing
Free file host
Image as content
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
File analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
/feeds/core/detection-rules/brand-impersonation-microsoft-with-low-reputation-links-b59201b6
Brand Impersonation: Mailchimp
18d ago
May 5th, 2025
Sublime Security
Credential Phishing
Impersonation: Brand
Social engineering
Computer Vision
Natural Language Understanding
Content analysis
Header analysis
Sender analysis
/feeds/core/detection-rules/brand-impersonation-mailchimp-48b454c7
Credential phishing link (unknown sender)
23d ago
Apr 30th, 2025
Sublime Security
Credential Phishing
Social engineering
Computer Vision
Sender analysis
URL analysis
URL screenshot
/feeds/core/detection-rules/credential-phishing-link-unknown-sender-a278012b
Brand impersonation: DocuSign branded attachment lure with no DocuSign links
23d ago
Apr 30th, 2025
Sublime Security
Credential Phishing
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL screenshot
/feeds/core/detection-rules/brand-impersonation-docusign-branded-attachment-lure-with-no-docusign-links-814a5694
Attachment: Fake Voicemail via PDF
23d ago
Apr 30th, 2025
Sublime Security
Credential Phishing
PDF
QR code
Social engineering
Computer Vision
Content analysis
File analysis
Optical Character Recognition
QR code analysis
URL analysis
/feeds/core/detection-rules/attachment-fake-voicemail-via-pdf-d3587209
Link: Multistage Landing - Abuse Adobe Acrobat Hosted PDF
25d ago
Apr 28th, 2025
Sublime Security
Credential Phishing
Impersonation: Brand
Social engineering
Computer Vision
Optical Character Recognition
URL analysis
Header analysis
Sender analysis
/feeds/core/detection-rules/link-multistage-landing-abuse-adobe-acrobat-hosted-pdf-609081ef
Callback Phishing via Xodo Sign comment
25d ago
Apr 28th, 2025
Sublime Security
Callback Phishing
Exploit
Impersonation: Brand
Out of band pivot
Social engineering
Computer Vision
Content analysis
Header analysis
Sender analysis
URL analysis
/feeds/core/detection-rules/callback-phishing-via-xodo-sign-comment-6f722c5d
Brand Impersonation: Fake Fax
28d ago
Apr 25th, 2025
Sublime Security
Credential Phishing
Impersonation: Brand
Image as content
Free file host
Free subdomain host
Social engineering
Computer Vision
Content analysis
Optical Character Recognition
Sender analysis
URL analysis
/feeds/core/detection-rules/brand-impersonation-fake-fax-2a96b90a
Callback Phishing via Adobe Sign comment
28d ago
Apr 25th, 2025
Sublime Security
Callback Phishing
Evasion
Impersonation: Brand
Out of band pivot
Social engineering
Content analysis
Computer Vision
Header analysis
Sender analysis
URL analysis
/feeds/core/detection-rules/callback-phishing-via-adobe-sign-comment-7eb4516d
Brand impersonation: Microsoft (QR code)
1mo ago
Apr 15th, 2025
Sublime Security
Credential Phishing
Impersonation: Brand
PDF
QR code
Social engineering
Computer Vision
Header analysis
QR code analysis
Sender analysis
/feeds/core/detection-rules/brand-impersonation-microsoft-qr-code-ed0f772a
Attachment: QR code with credential phishing indicators
1mo ago
Apr 14th, 2025
Sublime Security
Credential Phishing
QR code
Social engineering
Computer Vision
Header analysis
Natural Language Understanding
QR code analysis
Sender analysis
URL analysis
URL screenshot
/feeds/core/detection-rules/attachment-qr-code-with-credential-phishing-indicators-9f1681e1