Rule Name & Severity | Last Updated | Author | Types, Tactics & Capabilities | |
---|---|---|---|---|
Brand Impersonation: Fake Fax | 15d ago Jun 2nd, 2025 UTC | Sublime Security | /feeds/core/detection-rules/brand-impersonation-fake-fax-2a96b90a | |
Attachment: Fake attachment image lure | 18d ago May 30th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-fake-attachment-image-lure-96b8b285 | |
Attachment: Adobe image lure in body or attachment with suspicious link | 1mo ago May 16th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-adobe-image-lure-in-body-or-attachment-with-suspicious-link-1d7add81 | |
Brand impersonation: Microsoft with low reputation links | 1mo ago May 7th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/brand-impersonation-microsoft-with-low-reputation-links-b59201b6 | |
Attachment: QR Code Link With Base64-Encoded Recipient Address | 2mo ago Mar 27th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-qr-code-link-with-base64-encoded-recipient-address-927a0c1a | |
Attachment: Callback Phishing solicitation via image file | 3mo ago Mar 12th, 2025 UTC | @vector_sec | /feeds/core/detection-rules/attachment-callback-phishing-solicitation-via-image-file-60acbb36 | |
Spam: Image as content with Hidden HTML Element | 3mo ago Mar 3rd, 2025 UTC | Sublime Security | /feeds/core/detection-rules/spam-image-as-content-with-hidden-html-element-5de8861f | |
Attachment: SVG Files With Evasion Elements | 3mo ago Feb 21st, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-svg-files-with-evasion-elements-5d2dbb60 | |
Attachment: QR Code With Userinfo Portion | 3mo ago Feb 21st, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-qr-code-with-userinfo-portion-9d62cc5c | |
Spam: Item Giveaway Spam Template | 5mo ago Jan 8th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/spam-item-giveaway-spam-template-06a5f93b | |
Brand impersonation: USPS | 6mo ago Dec 16th, 2024 UTC | Sublime Security | /feeds/core/detection-rules/brand-impersonation-usps-28b9130a | |
Attachment: Fake scan-to-email | 7mo ago Oct 28th, 2024 UTC | Sublime Security | /feeds/core/detection-rules/attachment-fake-scan-to-email-ea850cc1 | |
Brand Impersonation: Microsoft Planner With Suspicious Link | 8mo ago Oct 9th, 2024 UTC | Sublime Security | /feeds/core/detection-rules/brand-impersonation-microsoft-planner-with-suspicious-link-ea363c08 | |
Attachment: Fake secure message and suspicious indicators | 9mo ago Sep 16th, 2024 UTC | Sublime Security | /feeds/core/detection-rules/attachment-fake-secure-message-and-suspicious-indicators-20a34d94 | |
Brand Impersonation: DocuSign with embedded QR code | 1y ago May 2nd, 2024 UTC | Sublime Security | /feeds/core/detection-rules/brand-impersonation-docusign-with-embedded-qr-code-f5cde463 | |
Attachment: Microsoft impersonation via PDF with link and suspicious language | 1y ago May 2nd, 2024 UTC | Sublime Security | /feeds/core/detection-rules/attachment-microsoft-impersonation-via-pdf-with-link-and-suspicious-language-70d41c7f | |
Credential Phishing: Hyper-linked image leading to free file host | 1y ago May 2nd, 2024 UTC | Sublime Security | /feeds/core/detection-rules/credential-phishing-hyper-linked-image-leading-to-free-file-host-f5cb1eca | |
Image as content with a link to an open redirect (unsolicited) | 1y ago Apr 23rd, 2024 UTC | Sublime Security | /feeds/core/detection-rules/image-as-content-with-a-link-to-an-open-redirect-unsolicited-f5cec36b | |
Invoicera infrastructure abuse | 1y ago Mar 7th, 2024 UTC | Sublime Security | /feeds/core/detection-rules/invoicera-infrastructure-abuse-1e56f310 | |
Spam: BlackBaud infrastructure abuse | 1y ago Jan 17th, 2024 UTC | Sublime Security | /feeds/core/detection-rules/spam-blackbaud-infrastructure-abuse-3db46591 |