Sublime Security

Sublime Core Feed
Free email provider
Learn More
Login to Sublime
Attack Types
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Reconnaissance
Spam
Tactics and Techniques
Encryption
Evasion
Exploit
Free email provider
Free file host
Free subdomain host
HTML smuggling
ICS Phishing
Image as content
Impersonation: Brand
Impersonation: Employee
Impersonation: VIP
IPFS
ISO
LNK
Lookalike domain
Macros
OneNote
Open redirect
Out of band pivot
PDF
Punycode
QR code
Scripting
Social engineering
Spoofing
Detection Methods
Archive analysis
Content analysis
Computer Vision
Exif analysis
File analysis
Header analysis
HTML analysis
Javascript analysis
Macro analysis
Natural Language Understanding
Optical Character Recognition
OLE analysis
PDF analysis
QR code analysis
Sender analysis
Threat intelligence
URL analysis
URL screenshot
Whois
XML analysis
YARA
Tactic or Technique: Free email provider
Attackers often use free email services like Gmail, Hotmail, and Yahoo to send phishing messages that are harder to detect. These platforms are widely trusted and have high deliverability, which makes it easier for malicious emails to land in your inbox.
It only takes a few minutes for an attacker to create a throwaway account. From there, they can spoof a display name to look like a coworker, vendor, or partner. Since free email addresses are often used in real conversations, the message may not seem out of place.
This tactic works because it blends in. A message might look clean, use a familiar name, and avoid anything that would trigger a filter. If you’re not paying close attention, it’s easy to miss the signs and respond without realizing the sender isn’t who they claim to be.
Blog Posts
Hiding a $50,000 BEC financial fraud in a fake email thread · Blog · Sublime Security
Payroll Fraud via LLM-Generated Emails · Blog · Sublime Security
Call Me Maybe? The Rise of Callback Phishing Emails · Blog · Sublime Security
Attack Types (5):
BEC/Fraud
Callback Phishing
Credential Phishing
Spam
Malware/Ransomware
Detection Methods (12):
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
URL analysis
File analysis
HTML analysis
Exif analysis
Optical Character Recognition
Whois
Computer Vision
QR code analysis
Rule Name & Severity
Last Updated
Types, Tactics & Capabilities
Reconnaissance: Short generic greeting message
4d ago
May 29th, 2026
Sublime Security
BEC/Fraud
Callback Phishing
Social engineering
Free email provider
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
BEC/Fraud
Callback Phishing
Social engineering
Free email provider
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
Credential phishing: Engaging language and other indicators (untrusted sender)
4d ago
May 29th, 2026
Sublime Security
Credential Phishing
Free email provider
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
URL analysis
Credential Phishing
Free email provider
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
URL analysis
Scam: Fake estate sale offering welding equipment and tools
21d ago
May 12th, 2026
Sublime Security
BEC/Fraud
Social engineering
Free email provider
Out of band pivot
Content analysis
Sender analysis
Header analysis
BEC/Fraud
Social engineering
Free email provider
Out of band pivot
Content analysis
Sender analysis
Header analysis
Service Abuse: Zoom with freemail reply-to and recipient address in greeting
27d ago
May 6th, 2026
Sublime Security
Spam
Free email provider
Social engineering
Sender analysis
Header analysis
Content analysis
Spam
Free email provider
Social engineering
Sender analysis
Header analysis
Content analysis
Callback phishing: AOL senders with suspicious HTML template or PDF attachment
29d ago
May 4th, 2026
Sublime Security
Callback Phishing
Free email provider
Social engineering
Content analysis
Header analysis
File analysis
HTML analysis
Exif analysis
Sender analysis
Callback Phishing
Free email provider
Social engineering
Content analysis
Header analysis
File analysis
HTML analysis
Exif analysis
Sender analysis
Callback phishing via Google Group abuse
29d ago
May 4th, 2026
Sublime Security
Callback Phishing
Free email provider
Impersonation: Brand
Social engineering
File analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
Callback Phishing
Free email provider
Impersonation: Brand
Social engineering
File analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
BEC/Fraud: Student loan callback phishing
29d ago
May 4th, 2026
Sublime Security
BEC/Fraud
Free email provider
Out of band pivot
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
BEC/Fraud
Free email provider
Out of band pivot
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
Impersonation: Suspected supplier impersonation with suspicious content
29d ago
May 4th, 2026
Sublime Security
BEC/Fraud
Evasion
Free email provider
Lookalike domain
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
URL analysis
Whois
BEC/Fraud
Evasion
Free email provider
Lookalike domain
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
URL analysis
Whois
Canva infrastructure abuse
29d ago
May 4th, 2026
Sublime Security
BEC/Fraud
Callback Phishing
Social engineering
Impersonation: Brand
Impersonation: Employee
Free email provider
Natural Language Understanding
Sender analysis
Content analysis
BEC/Fraud
Callback Phishing
Social engineering
Impersonation: Brand
Impersonation: Employee
Free email provider
Natural Language Understanding
Sender analysis
Content analysis
Callback phishing via Intuit service abuse
29d ago
May 4th, 2026
Sublime Security
Callback Phishing
Evasion
Free email provider
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Optical Character Recognition
Callback Phishing
Evasion
Free email provider
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Optical Character Recognition
Employee impersonation: Payroll fraud
1mo ago
May 1st, 2026
Sublime Security
BEC/Fraud
Impersonation: Employee
Free email provider
Social engineering
Content analysis
Sender analysis
BEC/Fraud
Impersonation: Employee
Free email provider
Social engineering
Content analysis
Sender analysis
BEC/Fraud: Scam lure with freemail pivot
1mo ago
Apr 30th, 2026
Sublime Security
BEC/Fraud
Free email provider
Out of band pivot
Content analysis
Header analysis
Sender analysis
BEC/Fraud
Free email provider
Out of band pivot
Content analysis
Header analysis
Sender analysis
BEC/Fraud: Penpal scam
1mo ago
Apr 30th, 2026
Sublime Security
BEC/Fraud
Free email provider
Social engineering
Content analysis
Header analysis
Sender analysis
BEC/Fraud
Free email provider
Social engineering
Content analysis
Header analysis
Sender analysis
Link: Google Calendar invite linking to an open redirect from an untrusted freemail sender
1mo ago
Apr 28th, 2026
Sublime Security
Spam
Free email provider
Free file host
ICS Phishing
Open redirect
Social engineering
Content analysis
Sender analysis
URL analysis
Spam
Free email provider
Free file host
ICS Phishing
Open redirect
Social engineering
Content analysis
Sender analysis
URL analysis
Attachment: Calendar invite with suspicious link leading to an open redirect
1mo ago
Apr 28th, 2026
Sublime Security
Spam
Free email provider
Free file host
Free subdomain host
ICS Phishing
Open redirect
Content analysis
URL analysis
Spam
Free email provider
Free file host
Free subdomain host
ICS Phishing
Open redirect
Content analysis
URL analysis
BEC/Fraud: Job scam fake thread or plaintext pivot to freemail
1mo ago
Apr 27th, 2026
Sublime Security
BEC/Fraud
Free email provider
Out of band pivot
Content analysis
File analysis
Natural Language Understanding
BEC/Fraud
Free email provider
Out of band pivot
Content analysis
File analysis
Natural Language Understanding
COVID-19 themed fraud with sender and reply-to mismatch or compensation award
1mo ago
Apr 27th, 2026
Sublime Security
BEC/Fraud
Free email provider
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
BEC/Fraud
Free email provider
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
Suspicious request for financial information
1mo ago
Apr 27th, 2026
Sublime Security
BEC/Fraud
Free email provider
Impersonation: Employee
Impersonation: VIP
Social engineering
Content analysis
Header analysis
Sender analysis
BEC/Fraud
Free email provider
Impersonation: Employee
Impersonation: VIP
Social engineering
Content analysis
Header analysis
Sender analysis
Request for Quote or Purchase (RFQ|RFP) with suspicious sender or recipient pattern
1mo ago
Apr 27th, 2026
Sublime Security
BEC/Fraud
Evasion
Free email provider
Content analysis
Natural Language Understanding
URL analysis
BEC/Fraud
Evasion
Free email provider
Content analysis
Natural Language Understanding
URL analysis
BEC/Fraud: Urgent language and suspicious sending/infrastructure patterns
1mo ago
Apr 17th, 2026
Sublime Security
BEC/Fraud
Callback Phishing
Spam
Impersonation: Brand
Social engineering
Free email provider
Content analysis
Header analysis
Sender analysis
Whois
BEC/Fraud
Callback Phishing
Spam
Impersonation: Brand
Social engineering
Free email provider
Content analysis
Header analysis
Sender analysis
Whois
Page 1 of 4

Rule Name & Severity	Last Updated	Author	Types, Tactics & Capabilities
Reconnaissance: Short generic greeting message	4d ago May 29th, 2026	Sublime Security	BEC/Fraud Callback Phishing Social engineering Free email provider Content analysis Header analysis Natural Language Understanding Sender analysis
Credential phishing: Engaging language and other indicators (untrusted sender)	4d ago May 29th, 2026	Sublime Security	Credential Phishing Free email provider Social engineering Content analysis Header analysis Natural Language Understanding Sender analysis URL analysis
Scam: Fake estate sale offering welding equipment and tools	21d ago May 12th, 2026	Sublime Security	BEC/Fraud Social engineering Free email provider Out of band pivot Content analysis Sender analysis Header analysis
Service Abuse: Zoom with freemail reply-to and recipient address in greeting	27d ago May 6th, 2026	Sublime Security	Spam Free email provider Social engineering Sender analysis Header analysis Content analysis
Callback phishing: AOL senders with suspicious HTML template or PDF attachment	29d ago May 4th, 2026	Sublime Security	Callback Phishing Free email provider Social engineering Content analysis Header analysis File analysis HTML analysis Exif analysis Sender analysis
Callback phishing via Google Group abuse	29d ago May 4th, 2026	Sublime Security	Callback Phishing Free email provider Impersonation: Brand Social engineering File analysis Natural Language Understanding Optical Character Recognition Sender analysis
BEC/Fraud: Student loan callback phishing	29d ago May 4th, 2026	Sublime Security	BEC/Fraud Free email provider Out of band pivot Social engineering Content analysis Natural Language Understanding Sender analysis
Impersonation: Suspected supplier impersonation with suspicious content	29d ago May 4th, 2026	Sublime Security	BEC/Fraud Evasion Free email provider Lookalike domain Social engineering Content analysis Header analysis Natural Language Understanding Sender analysis URL analysis Whois
Canva infrastructure abuse	29d ago May 4th, 2026	Sublime Security	BEC/Fraud Callback Phishing Social engineering Impersonation: Brand Impersonation: Employee Free email provider Natural Language Understanding Sender analysis Content analysis
Callback phishing via Intuit service abuse	29d ago May 4th, 2026	Sublime Security	Callback Phishing Evasion Free email provider Impersonation: Brand Social engineering Computer Vision Content analysis Header analysis Optical Character Recognition
Employee impersonation: Payroll fraud	1mo ago May 1st, 2026	Sublime Security	BEC/Fraud Impersonation: Employee Free email provider Social engineering Content analysis Sender analysis
BEC/Fraud: Scam lure with freemail pivot	1mo ago Apr 30th, 2026	Sublime Security	BEC/Fraud Free email provider Out of band pivot Content analysis Header analysis Sender analysis
BEC/Fraud: Penpal scam	1mo ago Apr 30th, 2026	Sublime Security	BEC/Fraud Free email provider Social engineering Content analysis Header analysis Sender analysis
Link: Google Calendar invite linking to an open redirect from an untrusted freemail sender	1mo ago Apr 28th, 2026	Sublime Security	Spam Free email provider Free file host ICS Phishing Open redirect Social engineering Content analysis Sender analysis URL analysis
Attachment: Calendar invite with suspicious link leading to an open redirect	1mo ago Apr 28th, 2026	Sublime Security	Spam Free email provider Free file host Free subdomain host ICS Phishing Open redirect Content analysis URL analysis
BEC/Fraud: Job scam fake thread or plaintext pivot to freemail	1mo ago Apr 27th, 2026	Sublime Security	BEC/Fraud Free email provider Out of band pivot Content analysis File analysis Natural Language Understanding
COVID-19 themed fraud with sender and reply-to mismatch or compensation award	1mo ago Apr 27th, 2026	Sublime Security	BEC/Fraud Free email provider Social engineering Content analysis Header analysis Natural Language Understanding Sender analysis
Suspicious request for financial information	1mo ago Apr 27th, 2026	Sublime Security	BEC/Fraud Free email provider Impersonation: Employee Impersonation: VIP Social engineering Content analysis Header analysis Sender analysis
Request for Quote or Purchase (RFQ\|RFP) with suspicious sender or recipient pattern	1mo ago Apr 27th, 2026	Sublime Security	BEC/Fraud Evasion Free email provider Content analysis Natural Language Understanding URL analysis
BEC/Fraud: Urgent language and suspicious sending/infrastructure patterns	1mo ago Apr 17th, 2026	Sublime Security	BEC/Fraud Callback Phishing Spam Impersonation: Brand Social engineering Free email provider Content analysis Header analysis Sender analysis Whois