Sublime Security

Sublime Core Feed
Optical Character Recognition
Learn More
Login to Sublime
Attack Types
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Reconnaissance
Spam
Tactics and Techniques
Encryption
Evasion
Exploit
Free email provider
Free file host
Free subdomain host
HTML smuggling
Image as content
Impersonation: Brand
Impersonation: Employee
Impersonation: VIP
IPFS
ISO
LNK
Lookalike domain
Macros
OneNote
Open redirect
Out of band pivot
PDF
Punycode
QR code
Scripting
Social engineering
Spoofing
Detection Methods
Archive analysis
Content analysis
Computer Vision
Exif analysis
File analysis
Header analysis
HTML analysis
Javascript analysis
Macro analysis
Natural Language Understanding
Optical Character Recognition
OLE analysis
PDF analysis
QR code analysis
Sender analysis
Threat intelligence
URL analysis
URL screenshot
Whois
XML analysis
YARA
Detection Method: Optical Character Recognition
OCR (Optical Character Recognition) helps systems read and analyze text in images, screenshots, and scanned documents. This method turns visual text into machine-readable content, allowing your security tools to catch things that would normally slip past text-based filters.
OCR can help you detect:
Phishing text hidden in images to bypass text-based filters
Suspicious language or instructions in scanned documents
QR codes with malicious links
Brand impersonation attempts using image-based logos or text
Requests for sensitive information disguised in images
For example, attackers often embed fake login prompts or instructions to call a "customer support" number in images. These tricks are designed to bypass traditional security filters, but OCR can extract and analyze the text to flag it as malicious before it reaches you.
Blog Posts
Hiding a $50,000 BEC financial fraud in a fake email thread · Blog · Sublime Security
Call Me Maybe? The Rise of Callback Phishing Emails · Blog · Sublime Security
Detecting Credential Phishing using Deep Learning + MQL · Blog · Sublime Security
Attack Types (6):
Credential Phishing
BEC/Fraud
Spam
Extortion
Callback Phishing
Malware/Ransomware
Tactics & Techniques (15):
Free file host
Image as content
Impersonation: Brand
Social engineering
Evasion
Free subdomain host
PDF
Impersonation: VIP
Out of band pivot
Open redirect
Macros
Free email provider
QR code
Spoofing
Encryption
Rule Name & Severity
Last Updated
Types, Tactics & Capabilities
Cloud storage impersonation with credential theft indicators
21h ago
Mar 13th, 2026
Sublime Security
Credential Phishing
Free file host
Image as content
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
Credential Phishing
Free file host
Image as content
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
Brand impersonation: SendGrid
2d ago
Mar 12th, 2026
Sublime Security
BEC/Fraud
Credential Phishing
Spam
Impersonation: Brand
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
BEC/Fraud
Credential Phishing
Spam
Impersonation: Brand
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
Link: Figma design deck with credential theft language
10d ago
Mar 4th, 2026
Sublime Security
Credential Phishing
Evasion
Free file host
Social engineering
Natural Language Understanding
Computer Vision
Optical Character Recognition
URL analysis
URL screenshot
Sender analysis
Credential Phishing
Evasion
Free file host
Social engineering
Natural Language Understanding
Computer Vision
Optical Character Recognition
URL analysis
URL screenshot
Sender analysis
Impersonation: Recipient organization in sender display name with credential theft image
25d ago
Feb 17th, 2026
Sublime Security
Credential Phishing
Image as content
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
File analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
Credential Phishing
Image as content
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
File analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
Brand impersonation: TikTok
30d ago
Feb 12th, 2026
Sublime Security
Credential Phishing
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
Credential Phishing
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
Brand impersonation: Fake Fax
1mo ago
Feb 5th, 2026
Sublime Security
Credential Phishing
Impersonation: Brand
Image as content
Free file host
Free subdomain host
Social engineering
Computer Vision
Content analysis
Optical Character Recognition
Sender analysis
URL analysis
Credential Phishing
Impersonation: Brand
Image as content
Free file host
Free subdomain host
Social engineering
Computer Vision
Content analysis
Optical Character Recognition
Sender analysis
URL analysis
Attachment: Legal themed message or PDF with suspicious indicators
1mo ago
Feb 5th, 2026
Sublime Security
Credential Phishing
Extortion
BEC/Fraud
Evasion
PDF
Social engineering
Content analysis
File analysis
Natural Language Understanding
Optical Character Recognition
URL analysis
Whois
Header analysis
Exif analysis
Credential Phishing
Extortion
BEC/Fraud
Evasion
PDF
Social engineering
Content analysis
File analysis
Natural Language Understanding
Optical Character Recognition
URL analysis
Whois
Header analysis
Exif analysis
Attachment: Office file with document sharing and browser instruction lures
1mo ago
Jan 29th, 2026
Sublime Security
Credential Phishing
Social engineering
Evasion
Archive analysis
File analysis
Macro analysis
Optical Character Recognition
Content analysis
Credential Phishing
Social engineering
Evasion
Archive analysis
File analysis
Macro analysis
Optical Character Recognition
Content analysis
Link: Microsoft Dynamics 365 form phishing
1mo ago
Jan 27th, 2026
Sublime Security
Credential Phishing
Evasion
Content analysis
File analysis
Optical Character Recognition
Natural Language Understanding
URL analysis
URL screenshot
Credential Phishing
Evasion
Content analysis
File analysis
Optical Character Recognition
Natural Language Understanding
URL analysis
URL screenshot
Attachment: Fake lawyer & sports agent identities
1mo ago
Jan 26th, 2026
Sublime Security
BEC/Fraud
Impersonation: VIP
Social engineering
Content analysis
Exif analysis
File analysis
Optical Character Recognition
BEC/Fraud
Impersonation: VIP
Social engineering
Content analysis
Exif analysis
File analysis
Optical Character Recognition
Callback phishing in body or attachment (untrusted sender)
1mo ago
Jan 22nd, 2026
Sublime Security
Callback Phishing
Out of band pivot
Social engineering
Content analysis
File analysis
Optical Character Recognition
Natural Language Understanding
Sender analysis
Callback Phishing
Out of band pivot
Social engineering
Content analysis
File analysis
Optical Character Recognition
Natural Language Understanding
Sender analysis
Attachment: Invoice and W-9 PDFs with suspicious creators
1mo ago
Jan 21st, 2026
Sublime Security
BEC/Fraud
PDF
Social engineering
Impersonation: Brand
File analysis
Optical Character Recognition
Exif analysis
Content analysis
BEC/Fraud
PDF
Social engineering
Impersonation: Brand
File analysis
Optical Character Recognition
Exif analysis
Content analysis
Open Redirect: Google domain with /url path and suspicious indicators
2mo ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Evasion
Open redirect
Computer Vision
Content analysis
File analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
Credential Phishing
Evasion
Open redirect
Computer Vision
Content analysis
File analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
Link to auto-downloaded file with Google Drive branding
2mo ago
Jan 12th, 2026
Sublime Security
Malware/Ransomware
Impersonation: Brand
Social engineering
Content analysis
File analysis
Optical Character Recognition
URL analysis
URL screenshot
Malware/Ransomware
Impersonation: Brand
Social engineering
Content analysis
File analysis
Optical Character Recognition
URL analysis
URL screenshot
Brand impersonation: Microsoft with low reputation links
2mo ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Free file host
Image as content
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
File analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
Credential Phishing
Free file host
Image as content
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
File analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
Link: Multistage landing - Abused Adobe Acrobat hosted PDF
2mo ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Impersonation: Brand
Social engineering
Computer Vision
Optical Character Recognition
URL analysis
Header analysis
Sender analysis
Credential Phishing
Impersonation: Brand
Social engineering
Computer Vision
Optical Character Recognition
URL analysis
Header analysis
Sender analysis
Link: Multistage landing - Scribd document
2mo ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Evasion
Social engineering
Impersonation: Brand
Free file host
URL analysis
HTML analysis
Natural Language Understanding
Computer Vision
Optical Character Recognition
URL screenshot
Credential Phishing
Evasion
Social engineering
Impersonation: Brand
Free file host
URL analysis
HTML analysis
Natural Language Understanding
Computer Vision
Optical Character Recognition
URL screenshot
Suspicious recipient pattern and language with low reputation link to login
2mo ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Social engineering
Computer Vision
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
URL screenshot
Credential Phishing
Social engineering
Computer Vision
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
URL screenshot
Attachment: Microsoft 365 credential phishing
2mo ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Impersonation: Brand
Social engineering
Content analysis
File analysis
Header analysis
Optical Character Recognition
Sender analysis
Credential Phishing
Impersonation: Brand
Social engineering
Content analysis
File analysis
Header analysis
Optical Character Recognition
Sender analysis
Attachment: PDF with credential theft language and link to a free subdomain (unsolicited)
2mo ago
Jan 12th, 2026
Sublime Security
Credential Phishing
Free subdomain host
PDF
Social engineering
File analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
Credential Phishing
Free subdomain host
PDF
Social engineering
File analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
Page 1 of 4

Rule Name & Severity	Last Updated	Author	Types, Tactics & Capabilities
Cloud storage impersonation with credential theft indicators	21h ago Mar 13th, 2026	Sublime Security	Credential Phishing Free file host Image as content Impersonation: Brand Social engineering Computer Vision Content analysis Header analysis Natural Language Understanding Optical Character Recognition Sender analysis URL analysis
Brand impersonation: SendGrid	2d ago Mar 12th, 2026	Sublime Security	BEC/Fraud Credential Phishing Spam Impersonation: Brand Social engineering Content analysis Header analysis Natural Language Understanding Optical Character Recognition Sender analysis
Link: Figma design deck with credential theft language	10d ago Mar 4th, 2026	Sublime Security	Credential Phishing Evasion Free file host Social engineering Natural Language Understanding Computer Vision Optical Character Recognition URL analysis URL screenshot Sender analysis
Impersonation: Recipient organization in sender display name with credential theft image	25d ago Feb 17th, 2026	Sublime Security	Credential Phishing Image as content Impersonation: Brand Social engineering Computer Vision Content analysis File analysis Natural Language Understanding Optical Character Recognition Sender analysis
Brand impersonation: TikTok	30d ago Feb 12th, 2026	Sublime Security	Credential Phishing Impersonation: Brand Social engineering Computer Vision Content analysis Header analysis Natural Language Understanding Optical Character Recognition Sender analysis
Brand impersonation: Fake Fax	1mo ago Feb 5th, 2026	Sublime Security	Credential Phishing Impersonation: Brand Image as content Free file host Free subdomain host Social engineering Computer Vision Content analysis Optical Character Recognition Sender analysis URL analysis
Attachment: Legal themed message or PDF with suspicious indicators	1mo ago Feb 5th, 2026	Sublime Security	Credential Phishing Extortion BEC/Fraud Evasion PDF Social engineering Content analysis File analysis Natural Language Understanding Optical Character Recognition URL analysis Whois Header analysis Exif analysis
Attachment: Office file with document sharing and browser instruction lures	1mo ago Jan 29th, 2026	Sublime Security	Credential Phishing Social engineering Evasion Archive analysis File analysis Macro analysis Optical Character Recognition Content analysis
Link: Microsoft Dynamics 365 form phishing	1mo ago Jan 27th, 2026	Sublime Security	Credential Phishing Evasion Content analysis File analysis Optical Character Recognition Natural Language Understanding URL analysis URL screenshot
Attachment: Fake lawyer & sports agent identities	1mo ago Jan 26th, 2026	Sublime Security	BEC/Fraud Impersonation: VIP Social engineering Content analysis Exif analysis File analysis Optical Character Recognition
Callback phishing in body or attachment (untrusted sender)	1mo ago Jan 22nd, 2026	Sublime Security	Callback Phishing Out of band pivot Social engineering Content analysis File analysis Optical Character Recognition Natural Language Understanding Sender analysis
Attachment: Invoice and W-9 PDFs with suspicious creators	1mo ago Jan 21st, 2026	Sublime Security	BEC/Fraud PDF Social engineering Impersonation: Brand File analysis Optical Character Recognition Exif analysis Content analysis
Open Redirect: Google domain with /url path and suspicious indicators	2mo ago Jan 12th, 2026	Sublime Security	Credential Phishing Evasion Open redirect Computer Vision Content analysis File analysis Header analysis Natural Language Understanding Optical Character Recognition Sender analysis URL analysis
Link to auto-downloaded file with Google Drive branding	2mo ago Jan 12th, 2026	Sublime Security	Malware/Ransomware Impersonation: Brand Social engineering Content analysis File analysis Optical Character Recognition URL analysis URL screenshot
Brand impersonation: Microsoft with low reputation links	2mo ago Jan 12th, 2026	Sublime Security	Credential Phishing Free file host Image as content Impersonation: Brand Social engineering Computer Vision Content analysis File analysis Header analysis Natural Language Understanding Optical Character Recognition Sender analysis URL analysis
Link: Multistage landing - Abused Adobe Acrobat hosted PDF	2mo ago Jan 12th, 2026	Sublime Security	Credential Phishing Impersonation: Brand Social engineering Computer Vision Optical Character Recognition URL analysis Header analysis Sender analysis
Link: Multistage landing - Scribd document	2mo ago Jan 12th, 2026	Sublime Security	Credential Phishing Evasion Social engineering Impersonation: Brand Free file host URL analysis HTML analysis Natural Language Understanding Computer Vision Optical Character Recognition URL screenshot
Suspicious recipient pattern and language with low reputation link to login	2mo ago Jan 12th, 2026	Sublime Security	Credential Phishing Social engineering Computer Vision Content analysis Header analysis Natural Language Understanding Optical Character Recognition Sender analysis URL analysis URL screenshot
Attachment: Microsoft 365 credential phishing	2mo ago Jan 12th, 2026	Sublime Security	Credential Phishing Impersonation: Brand Social engineering Content analysis File analysis Header analysis Optical Character Recognition Sender analysis
Attachment: PDF with credential theft language and link to a free subdomain (unsolicited)	2mo ago Jan 12th, 2026	Sublime Security	Credential Phishing Free subdomain host PDF Social engineering File analysis Natural Language Understanding Optical Character Recognition Sender analysis URL analysis