Sublime Security

Sublime Core Feed
Optical Character Recognition
Learn More
Login to Sublime
Attack Types
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Reconnaissance
Spam
Tactics and Techniques
Encryption
Evasion
Exploit
Free email provider
Free file host
Free subdomain host
HTML smuggling
ICS Phishing
Image as content
Impersonation: Brand
Impersonation: Employee
Impersonation: VIP
IPFS
ISO
LNK
Lookalike domain
Macros
OneNote
Open redirect
Out of band pivot
PDF
Punycode
QR code
Scripting
Social engineering
Spoofing
Detection Methods
Archive analysis
Content analysis
Computer Vision
Exif analysis
File analysis
Header analysis
HTML analysis
Javascript analysis
Macro analysis
Natural Language Understanding
Optical Character Recognition
OLE analysis
PDF analysis
QR code analysis
Sender analysis
Threat intelligence
URL analysis
URL screenshot
Whois
XML analysis
YARA
Detection Method: Optical Character Recognition
OCR (Optical Character Recognition) helps systems read and analyze text in images, screenshots, and scanned documents. This method turns visual text into machine-readable content, allowing your security tools to catch things that would normally slip past text-based filters.
OCR can help you detect:
Phishing text hidden in images to bypass text-based filters
Suspicious language or instructions in scanned documents
QR codes with malicious links
Brand impersonation attempts using image-based logos or text
Requests for sensitive information disguised in images
For example, attackers often embed fake login prompts or instructions to call a "customer support" number in images. These tricks are designed to bypass traditional security filters, but OCR can extract and analyze the text to flag it as malicious before it reaches you.
Blog Posts
Hiding a $50,000 BEC financial fraud in a fake email thread · Blog · Sublime Security
Call Me Maybe? The Rise of Callback Phishing Emails · Blog · Sublime Security
Detecting Credential Phishing using Deep Learning + MQL · Blog · Sublime Security
Attack Types (6):
Credential Phishing
Callback Phishing
Malware/Ransomware
Extortion
BEC/Fraud
Spam
Tactics & Techniques (15):
Impersonation: Brand
Image as content
Free file host
Free subdomain host
Social engineering
Evasion
Open redirect
Free email provider
Out of band pivot
PDF
QR code
Encryption
Impersonation: VIP
Macros
Spoofing
Rule Name & Severity
Last Updated
Types, Tactics & Capabilities
Brand impersonation: Fake Fax
6d ago
Jun 17th, 2026
Sublime Security
Credential Phishing
Impersonation: Brand
Image as content
Free file host
Free subdomain host
Social engineering
Computer Vision
Content analysis
Optical Character Recognition
Sender analysis
URL analysis
Credential Phishing
Impersonation: Brand
Image as content
Free file host
Free subdomain host
Social engineering
Computer Vision
Content analysis
Optical Character Recognition
Sender analysis
URL analysis
Open Redirect: Google domain with /url path and suspicious indicators
18d ago
Jun 5th, 2026
Sublime Security
Credential Phishing
Evasion
Open redirect
Computer Vision
Content analysis
File analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
Credential Phishing
Evasion
Open redirect
Computer Vision
Content analysis
File analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
Attachment: Microsoft 365 credential phishing
18d ago
Jun 5th, 2026
Sublime Security
Credential Phishing
Impersonation: Brand
Social engineering
Content analysis
File analysis
Header analysis
Optical Character Recognition
Sender analysis
Credential Phishing
Impersonation: Brand
Social engineering
Content analysis
File analysis
Header analysis
Optical Character Recognition
Sender analysis
Credential phishing: DocuSign embedded image lure with no DocuSign domains in links
18d ago
Jun 5th, 2026
Sublime Security
Credential Phishing
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
Credential Phishing
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
Attachment: Adobe image lure in body or attachment with suspicious link
18d ago
Jun 5th, 2026
Sublime Security
Credential Phishing
Image as content
Impersonation: Brand
Content analysis
Computer Vision
Optical Character Recognition
Sender analysis
URL analysis
Credential Phishing
Image as content
Impersonation: Brand
Content analysis
Computer Vision
Optical Character Recognition
Sender analysis
URL analysis
Attachment: Callback phishing solicitation via pdf file
18d ago
Jun 5th, 2026
Sublime Security
Callback Phishing
Evasion
Free email provider
Out of band pivot
PDF
Social engineering
Exif analysis
File analysis
Optical Character Recognition
Sender analysis
Callback Phishing
Evasion
Free email provider
Out of band pivot
PDF
Social engineering
Exif analysis
File analysis
Optical Character Recognition
Sender analysis
Brand impersonation: Microsoft with low reputation links
18d ago
Jun 5th, 2026
Sublime Security
Credential Phishing
Free file host
Image as content
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
File analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
Credential Phishing
Free file host
Image as content
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
File analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
Attachment: Fake attachment image lure
18d ago
Jun 5th, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Evasion
Image as content
Social engineering
File analysis
Natural Language Understanding
Optical Character Recognition
Credential Phishing
Malware/Ransomware
Evasion
Image as content
Social engineering
File analysis
Natural Language Understanding
Optical Character Recognition
Brand impersonation: Adobe Acrobat Sign PDF phishing file format template
22d ago
Jun 1st, 2026
Sublime Security
Credential Phishing
Impersonation: Brand
PDF
Computer Vision
Optical Character Recognition
File analysis
Credential Phishing
Impersonation: Brand
PDF
Computer Vision
Optical Character Recognition
File analysis
Attachment: Compensation-themed DOCX with QR code credential theft
25d ago
May 29th, 2026
Sublime Security
Credential Phishing
QR code
Social engineering
Impersonation: Brand
File analysis
Optical Character Recognition
QR code analysis
Natural Language Understanding
Exif analysis
Content analysis
Credential Phishing
QR code
Social engineering
Impersonation: Brand
File analysis
Optical Character Recognition
QR code analysis
Natural Language Understanding
Exif analysis
Content analysis
Brand impersonation: Figma with malicious document access overlay
27d ago
May 27th, 2026
Sublime Security
Credential Phishing
Impersonation: Brand
Social engineering
Image as content
Sender analysis
HTML analysis
URL screenshot
Optical Character Recognition
URL analysis
Credential Phishing
Impersonation: Brand
Social engineering
Image as content
Sender analysis
HTML analysis
URL screenshot
Optical Character Recognition
URL analysis
X (Twitter) impersonation with credential phishing motives
1mo ago
May 15th, 2026
Sublime Security
Credential Phishing
Impersonation: Brand
Social engineering
Computer Vision
File analysis
Header analysis
Optical Character Recognition
Natural Language Understanding
Sender analysis
Credential Phishing
Impersonation: Brand
Social engineering
Computer Vision
File analysis
Header analysis
Optical Character Recognition
Natural Language Understanding
Sender analysis
Cloud storage impersonation with credential theft indicators
1mo ago
May 12th, 2026
Sublime Security
Credential Phishing
Free file host
Image as content
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
Credential Phishing
Free file host
Image as content
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
Attachment: Suspicious PDF created with headless browser
1mo ago
May 7th, 2026
Sublime Security
Credential Phishing
Evasion
PDF
Content analysis
Exif analysis
File analysis
Optical Character Recognition
Credential Phishing
Evasion
PDF
Content analysis
Exif analysis
File analysis
Optical Character Recognition
Callback phishing via Google Group abuse
1mo ago
May 4th, 2026
Sublime Security
Callback Phishing
Free email provider
Impersonation: Brand
Social engineering
File analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
Callback Phishing
Free email provider
Impersonation: Brand
Social engineering
File analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
Callback phishing via Intuit service abuse
1mo ago
May 4th, 2026
Sublime Security
Callback Phishing
Evasion
Free email provider
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Optical Character Recognition
Callback Phishing
Evasion
Free email provider
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Optical Character Recognition
Brand impersonation: SharePoint PDF attachment with credential theft language
1mo ago
May 4th, 2026
Sublime Security
Credential Phishing
Impersonation: Brand
Social engineering
PDF
Evasion
Computer Vision
File analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
Header analysis
Whois
Credential Phishing
Impersonation: Brand
Social engineering
PDF
Evasion
Computer Vision
File analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
URL analysis
Header analysis
Whois
Attachment: Fake voicemail via PDF
1mo ago
Apr 30th, 2026
Sublime Security
Credential Phishing
PDF
QR code
Social engineering
Computer Vision
Content analysis
File analysis
Optical Character Recognition
QR code analysis
URL analysis
Credential Phishing
PDF
QR code
Social engineering
Computer Vision
Content analysis
File analysis
Optical Character Recognition
QR code analysis
URL analysis
Adobe branded PDF file linking to a password-protected file from untrusted sender
1mo ago
Apr 29th, 2026
Sublime Security
Malware/Ransomware
Encryption
Evasion
Impersonation: Brand
PDF
Archive analysis
File analysis
Natural Language Understanding
Optical Character Recognition
Malware/Ransomware
Encryption
Evasion
Impersonation: Brand
PDF
Archive analysis
File analysis
Natural Language Understanding
Optical Character Recognition
Brand impersonation: Amazon with suspicious attachment
2mo ago
Apr 14th, 2026
Sublime Security
Credential Phishing
Impersonation: Brand
Social engineering
Computer Vision
File analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
Credential Phishing
Impersonation: Brand
Social engineering
Computer Vision
File analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
Page 1 of 4

Rule Name & Severity	Last Updated	Author	Types, Tactics & Capabilities
Brand impersonation: Fake Fax	6d ago Jun 17th, 2026	Sublime Security	Credential Phishing Impersonation: Brand Image as content Free file host Free subdomain host Social engineering Computer Vision Content analysis Optical Character Recognition Sender analysis URL analysis
Open Redirect: Google domain with /url path and suspicious indicators	18d ago Jun 5th, 2026	Sublime Security	Credential Phishing Evasion Open redirect Computer Vision Content analysis File analysis Header analysis Natural Language Understanding Optical Character Recognition Sender analysis URL analysis
Attachment: Microsoft 365 credential phishing	18d ago Jun 5th, 2026	Sublime Security	Credential Phishing Impersonation: Brand Social engineering Content analysis File analysis Header analysis Optical Character Recognition Sender analysis
Credential phishing: DocuSign embedded image lure with no DocuSign domains in links	18d ago Jun 5th, 2026	Sublime Security	Credential Phishing Impersonation: Brand Social engineering Computer Vision Content analysis Header analysis Natural Language Understanding Optical Character Recognition Sender analysis
Attachment: Adobe image lure in body or attachment with suspicious link	18d ago Jun 5th, 2026	Sublime Security	Credential Phishing Image as content Impersonation: Brand Content analysis Computer Vision Optical Character Recognition Sender analysis URL analysis
Attachment: Callback phishing solicitation via pdf file	18d ago Jun 5th, 2026	Sublime Security	Callback Phishing Evasion Free email provider Out of band pivot PDF Social engineering Exif analysis File analysis Optical Character Recognition Sender analysis
Brand impersonation: Microsoft with low reputation links	18d ago Jun 5th, 2026	Sublime Security	Credential Phishing Free file host Image as content Impersonation: Brand Social engineering Computer Vision Content analysis File analysis Header analysis Natural Language Understanding Optical Character Recognition Sender analysis URL analysis
Attachment: Fake attachment image lure	18d ago Jun 5th, 2026	Sublime Security	Credential Phishing Malware/Ransomware Evasion Image as content Social engineering File analysis Natural Language Understanding Optical Character Recognition
Brand impersonation: Adobe Acrobat Sign PDF phishing file format template	22d ago Jun 1st, 2026	Sublime Security	Credential Phishing Impersonation: Brand PDF Computer Vision Optical Character Recognition File analysis
Attachment: Compensation-themed DOCX with QR code credential theft	25d ago May 29th, 2026	Sublime Security	Credential Phishing QR code Social engineering Impersonation: Brand File analysis Optical Character Recognition QR code analysis Natural Language Understanding Exif analysis Content analysis
Brand impersonation: Figma with malicious document access overlay	27d ago May 27th, 2026	Sublime Security	Credential Phishing Impersonation: Brand Social engineering Image as content Sender analysis HTML analysis URL screenshot Optical Character Recognition URL analysis
X (Twitter) impersonation with credential phishing motives	1mo ago May 15th, 2026	Sublime Security	Credential Phishing Impersonation: Brand Social engineering Computer Vision File analysis Header analysis Optical Character Recognition Natural Language Understanding Sender analysis
Cloud storage impersonation with credential theft indicators	1mo ago May 12th, 2026	Sublime Security	Credential Phishing Free file host Image as content Impersonation: Brand Social engineering Computer Vision Content analysis Header analysis Natural Language Understanding Optical Character Recognition Sender analysis URL analysis
Attachment: Suspicious PDF created with headless browser	1mo ago May 7th, 2026	Sublime Security	Credential Phishing Evasion PDF Content analysis Exif analysis File analysis Optical Character Recognition
Callback phishing via Google Group abuse	1mo ago May 4th, 2026	Sublime Security	Callback Phishing Free email provider Impersonation: Brand Social engineering File analysis Natural Language Understanding Optical Character Recognition Sender analysis
Callback phishing via Intuit service abuse	1mo ago May 4th, 2026	Sublime Security	Callback Phishing Evasion Free email provider Impersonation: Brand Social engineering Computer Vision Content analysis Header analysis Optical Character Recognition
Brand impersonation: SharePoint PDF attachment with credential theft language	1mo ago May 4th, 2026	Sublime Security	Credential Phishing Impersonation: Brand Social engineering PDF Evasion Computer Vision File analysis Natural Language Understanding Optical Character Recognition Sender analysis URL analysis Header analysis Whois
Attachment: Fake voicemail via PDF	1mo ago Apr 30th, 2026	Sublime Security	Credential Phishing PDF QR code Social engineering Computer Vision Content analysis File analysis Optical Character Recognition QR code analysis URL analysis
Adobe branded PDF file linking to a password-protected file from untrusted sender	1mo ago Apr 29th, 2026	Sublime Security	Malware/Ransomware Encryption Evasion Impersonation: Brand PDF Archive analysis File analysis Natural Language Understanding Optical Character Recognition
Brand impersonation: Amazon with suspicious attachment	2mo ago Apr 14th, 2026	Sublime Security	Credential Phishing Impersonation: Brand Social engineering Computer Vision File analysis Header analysis Natural Language Understanding Optical Character Recognition Sender analysis