Sublime Security

Sublime Core Feed
Free email provider
Learn More
Login to Sublime
Attack Types
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Reconnaissance
Spam
Tactics and Techniques
Encryption
Evasion
Exploit
Free email provider
Free file host
Free subdomain host
HTML smuggling
Image as content
Impersonation: Brand
Impersonation: Employee
Impersonation: VIP
IPFS
ISO
LNK
Lookalike domain
Macros
OneNote
Open redirect
Out of band pivot
PDF
Punycode
QR code
Scripting
Social engineering
Spoofing
Detection Methods
Archive analysis
Content analysis
Computer Vision
Exif analysis
File analysis
Header analysis
HTML analysis
Javascript analysis
Macro analysis
Natural Language Understanding
Optical Character Recognition
OLE analysis
PDF analysis
QR code analysis
Sender analysis
Threat intelligence
URL analysis
URL screenshot
Whois
XML analysis
YARA
Tactic or Technique: Free email provider
Attackers often use free email services like Gmail, Hotmail, and Yahoo to send phishing messages that are harder to detect. These platforms are widely trusted and have high deliverability, which makes it easier for malicious emails to land in your inbox.
It only takes a few minutes for an attacker to create a throwaway account. From there, they can spoof a display name to look like a coworker, vendor, or partner. Since free email addresses are often used in real conversations, the message may not seem out of place.
This tactic works because it blends in. A message might look clean, use a familiar name, and avoid anything that would trigger a filter. If you’re not paying close attention, it’s easy to miss the signs and respond without realizing the sender isn’t who they claim to be.
Blog Posts
Hiding a $50,000 BEC financial fraud in a fake email thread · Blog · Sublime Security
Payroll Fraud via LLM-Generated Emails · Blog · Sublime Security
Call Me Maybe? The Rise of Callback Phishing Emails · Blog · Sublime Security
Attack Types (5):
Spam
BEC/Fraud
Credential Phishing
Callback Phishing
Malware/Ransomware
Detection Methods (12):
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
URL analysis
QR code analysis
File analysis
Optical Character Recognition
Computer Vision
Exif analysis
Whois
HTML analysis
Rule Name & Severity
Last Updated
Types, Tactics & Capabilities
Spam: Fake dating profile notification
10d ago
Mar 20th, 2026
Sublime Security
Spam
Free email provider
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
URL analysis
Spam
Free email provider
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
URL analysis
Spam: Sexually explicit content with emoji in subject from freemail provider
20d ago
Mar 10th, 2026
Sublime Security
Spam
Free email provider
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
Spam
Free email provider
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
BEC/Fraud: Romance scam
21d ago
Mar 9th, 2026
Sublime Security
BEC/Fraud
Free email provider
Social engineering
Content analysis
Header analysis
BEC/Fraud
Free email provider
Social engineering
Content analysis
Header analysis
Request for Quote or Purchase (RFQ|RFP) with suspicious sender or recipient pattern
21d ago
Mar 9th, 2026
Sublime Security
BEC/Fraud
Evasion
Free email provider
Content analysis
Natural Language Understanding
URL analysis
BEC/Fraud
Evasion
Free email provider
Content analysis
Natural Language Understanding
URL analysis
Brand impersonation: Zoom via lookalike domain
24d ago
Mar 6th, 2026
Sublime Security
Credential Phishing
Impersonation: Brand
Free email provider
Social engineering
URL analysis
Sender analysis
Credential Phishing
Impersonation: Brand
Free email provider
Social engineering
URL analysis
Sender analysis
BEC with unusual reply-to or return-path mismatch
27d ago
Mar 3rd, 2026
Sublime Security
BEC/Fraud
Evasion
Free email provider
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
BEC/Fraud
Evasion
Free email provider
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
Reconnaissance: Email address harvesting attempt
1mo ago
Feb 23rd, 2026
Sublime Security
BEC/Fraud
Credential Phishing
Spam
Free email provider
Social engineering
Content analysis
Header analysis
Sender analysis
URL analysis
BEC/Fraud
Credential Phishing
Spam
Free email provider
Social engineering
Content analysis
Header analysis
Sender analysis
URL analysis
Canva infrastructure abuse
1mo ago
Feb 6th, 2026
Sublime Security
BEC/Fraud
Callback Phishing
Social engineering
Impersonation: Brand
Impersonation: Employee
Free email provider
Natural Language Understanding
Sender analysis
Content analysis
BEC/Fraud
Callback Phishing
Social engineering
Impersonation: Brand
Impersonation: Employee
Free email provider
Natural Language Understanding
Sender analysis
Content analysis
ClickFunnels link infrastructure abuse
1mo ago
Feb 5th, 2026
Sublime Security
Credential Phishing
Free email provider
Free subdomain host
Social engineering
Content analysis
Header analysis
QR code analysis
Sender analysis
URL analysis
Credential Phishing
Free email provider
Free subdomain host
Social engineering
Content analysis
Header analysis
QR code analysis
Sender analysis
URL analysis
Impersonation: Executive using numbered local part
1mo ago
Jan 30th, 2026
Sublime Security
BEC/Fraud
Free email provider
Impersonation: VIP
Social engineering
Header analysis
Sender analysis
BEC/Fraud
Free email provider
Impersonation: VIP
Social engineering
Header analysis
Sender analysis
Reconnaissance: Hotel booking reply-to redirect
2mo ago
Jan 27th, 2026
Sublime Security
BEC/Fraud
Free email provider
Social engineering
Content analysis
Header analysis
Sender analysis
BEC/Fraud
Free email provider
Social engineering
Content analysis
Header analysis
Sender analysis
Reconnaissance: Short generic greeting message
2mo ago
Jan 27th, 2026
Sublime Security
BEC/Fraud
Callback Phishing
Social engineering
Free email provider
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
BEC/Fraud
Callback Phishing
Social engineering
Free email provider
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
Fake message thread - Untrusted sender with a mismatched freemail reply-to address
2mo ago
Jan 12th, 2026
Sublime Security
BEC/Fraud
Free email provider
Social engineering
Content analysis
Header analysis
Sender analysis
BEC/Fraud
Free email provider
Social engineering
Content analysis
Header analysis
Sender analysis
Message traversed multiple onmicrosoft.com tenants
2mo ago
Jan 12th, 2026
Sublime Security
Callback Phishing
Evasion
Free email provider
Free subdomain host
Sender analysis
Header analysis
Callback Phishing
Evasion
Free email provider
Free subdomain host
Sender analysis
Header analysis
Domain impersonation: Freemail reply-to local lookalike with financial request
2mo ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Free email provider
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
Credential Phishing
Free email provider
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
Brand impersonation: Norton
2mo ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Free email provider
Impersonation: Brand
Social engineering
Content analysis
File analysis
Header analysis
Sender analysis
Credential Phishing
Free email provider
Impersonation: Brand
Social engineering
Content analysis
File analysis
Header analysis
Sender analysis
Link: Apple App Store malicious ad manager themed apps from free email provider
2mo ago
Jan 12th, 2026
Sublime Security
Credential Phishing
BEC/Fraud
Malware/Ransomware
Free email provider
Social engineering
Evasion
Content analysis
Sender analysis
URL analysis
Credential Phishing
BEC/Fraud
Malware/Ransomware
Free email provider
Social engineering
Evasion
Content analysis
Sender analysis
URL analysis
Credential phishing: Engaging language and other indicators (untrusted sender)
2mo ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Free email provider
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
URL analysis
Credential Phishing
Free email provider
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
URL analysis
Link: Invoice or receipt from freemail sender with customer service number
2mo ago
Jan 12th, 2026
@vector_sec
BEC/Fraud
Callback Phishing
Free email provider
Impersonation: Brand
Social engineering
Content analysis
Sender analysis
URL analysis
BEC/Fraud
Callback Phishing
Free email provider
Impersonation: Brand
Social engineering
Content analysis
Sender analysis
URL analysis
Spam: Default Microsoft Exchange Online sender domain (onmicrosoft.com)
2mo ago
Jan 12th, 2026
Sublime Security
Callback Phishing
Credential Phishing
Spam
Free email provider
Impersonation: Brand
Social engineering
Content analysis
Sender analysis
Callback Phishing
Credential Phishing
Spam
Free email provider
Impersonation: Brand
Social engineering
Content analysis
Sender analysis
Page 1 of 4

Rule Name & Severity	Last Updated	Author	Types, Tactics & Capabilities
Spam: Fake dating profile notification	10d ago Mar 20th, 2026	Sublime Security	Spam Free email provider Social engineering Content analysis Header analysis Natural Language Understanding Sender analysis URL analysis
Spam: Sexually explicit content with emoji in subject from freemail provider	20d ago Mar 10th, 2026	Sublime Security	Spam Free email provider Social engineering Content analysis Header analysis Natural Language Understanding Sender analysis
BEC/Fraud: Romance scam	21d ago Mar 9th, 2026	Sublime Security	BEC/Fraud Free email provider Social engineering Content analysis Header analysis
Request for Quote or Purchase (RFQ\|RFP) with suspicious sender or recipient pattern	21d ago Mar 9th, 2026	Sublime Security	BEC/Fraud Evasion Free email provider Content analysis Natural Language Understanding URL analysis
Brand impersonation: Zoom via lookalike domain	24d ago Mar 6th, 2026	Sublime Security	Credential Phishing Impersonation: Brand Free email provider Social engineering URL analysis Sender analysis
BEC with unusual reply-to or return-path mismatch	27d ago Mar 3rd, 2026	Sublime Security	BEC/Fraud Evasion Free email provider Social engineering Content analysis Header analysis Natural Language Understanding Sender analysis
Reconnaissance: Email address harvesting attempt	1mo ago Feb 23rd, 2026	Sublime Security	BEC/Fraud Credential Phishing Spam Free email provider Social engineering Content analysis Header analysis Sender analysis URL analysis
Canva infrastructure abuse	1mo ago Feb 6th, 2026	Sublime Security	BEC/Fraud Callback Phishing Social engineering Impersonation: Brand Impersonation: Employee Free email provider Natural Language Understanding Sender analysis Content analysis
ClickFunnels link infrastructure abuse	1mo ago Feb 5th, 2026	Sublime Security	Credential Phishing Free email provider Free subdomain host Social engineering Content analysis Header analysis QR code analysis Sender analysis URL analysis
Impersonation: Executive using numbered local part	1mo ago Jan 30th, 2026	Sublime Security	BEC/Fraud Free email provider Impersonation: VIP Social engineering Header analysis Sender analysis
Reconnaissance: Hotel booking reply-to redirect	2mo ago Jan 27th, 2026	Sublime Security	BEC/Fraud Free email provider Social engineering Content analysis Header analysis Sender analysis
Reconnaissance: Short generic greeting message	2mo ago Jan 27th, 2026	Sublime Security	BEC/Fraud Callback Phishing Social engineering Free email provider Content analysis Header analysis Natural Language Understanding Sender analysis
Fake message thread - Untrusted sender with a mismatched freemail reply-to address	2mo ago Jan 12th, 2026	Sublime Security	BEC/Fraud Free email provider Social engineering Content analysis Header analysis Sender analysis
Message traversed multiple onmicrosoft.com tenants	2mo ago Jan 12th, 2026	Sublime Security	Callback Phishing Evasion Free email provider Free subdomain host Sender analysis Header analysis
Domain impersonation: Freemail reply-to local lookalike with financial request	2mo ago Jan 12th, 2026	Sublime Security	Credential Phishing Free email provider Social engineering Content analysis Header analysis Natural Language Understanding Sender analysis
Brand impersonation: Norton	2mo ago Jan 12th, 2026	Sublime Security	Credential Phishing Free email provider Impersonation: Brand Social engineering Content analysis File analysis Header analysis Sender analysis
Link: Apple App Store malicious ad manager themed apps from free email provider	2mo ago Jan 12th, 2026	Sublime Security	Credential Phishing BEC/Fraud Malware/Ransomware Free email provider Social engineering Evasion Content analysis Sender analysis URL analysis
Credential phishing: Engaging language and other indicators (untrusted sender)	2mo ago Jan 12th, 2026	Sublime Security	Credential Phishing Free email provider Social engineering Content analysis Header analysis Natural Language Understanding Sender analysis URL analysis
Link: Invoice or receipt from freemail sender with customer service number	2mo ago Jan 12th, 2026	@vector_sec	BEC/Fraud Callback Phishing Free email provider Impersonation: Brand Social engineering Content analysis Sender analysis URL analysis
Spam: Default Microsoft Exchange Online sender domain (onmicrosoft.com)	2mo ago Jan 12th, 2026	Sublime Security	Callback Phishing Credential Phishing Spam Free email provider Impersonation: Brand Social engineering Content analysis Sender analysis