Sublime Security

Sublime Core Feed
Out of band pivot
Learn More
Login to Sublime
Attack Types
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Reconnaissance
Spam
Tactics and Techniques
Encryption
Evasion
Exploit
Free email provider
Free file host
Free subdomain host
HTML smuggling
ICS Phishing
Image as content
Impersonation: Brand
Impersonation: Employee
Impersonation: VIP
IPFS
ISO
LNK
Lookalike domain
Macros
OneNote
Open redirect
Out of band pivot
PDF
Punycode
QR code
Scripting
Social engineering
Spoofing
Detection Methods
Archive analysis
Content analysis
Computer Vision
Exif analysis
File analysis
Header analysis
HTML analysis
Javascript analysis
Macro analysis
Natural Language Understanding
Optical Character Recognition
OLE analysis
PDF analysis
QR code analysis
Sender analysis
Threat intelligence
URL analysis
URL screenshot
Whois
XML analysis
YARA
Tactic or Technique: Out of band pivot
Attackers use out-of-band pivoting to move conversations off email and onto channels with less security oversight. They start with a simple message and then try to shift the conversation to phone, text, WhatsApp, or personal email, where monitoring and protections are weaker or nonexistent.
A message may reference an urgent issue and include a phone number, QR code, or request to continue the conversation elsewhere. Once the communication moves off email, attackers can push the scam further without being seen by security tools.
This tactic works because it breaks the visibility chain. Email security may catch a bad link or attachment, but it can’t detect what happens in a phone call or private chat. That gap gives attackers more freedom to ask for credentials, convince you to take risky actions, or escalate the attack without triggering alerts.
Blog Posts
Callback phishing via invoice abuse and distribution list relays · Blog · Sublime Security
Living Off the Land: Callback Phishing via Docusign comment · Blog · Sublime Security
Call Me Maybe? The Rise of Callback Phishing Emails · Blog · Sublime Security
Attack Types (4):
BEC/Fraud
Callback Phishing
Credential Phishing
Malware/Ransomware
Detection Methods (14):
Content analysis
Natural Language Understanding
Sender analysis
Computer Vision
Header analysis
URL analysis
File analysis
Optical Character Recognition
Exif analysis
QR code analysis
Whois
HTML analysis
Javascript analysis
URL screenshot
Rule Name & Severity
Last Updated
Types, Tactics & Capabilities
BEC/Fraud: Student loan callback phishing
6d ago
May 4th, 2026
Sublime Security
BEC/Fraud
Free email provider
Out of band pivot
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
BEC/Fraud
Free email provider
Out of band pivot
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
Callback phishing via Adobe Sign comment
6d ago
May 4th, 2026
Sublime Security
Callback Phishing
Evasion
Impersonation: Brand
Out of band pivot
Social engineering
Content analysis
Computer Vision
Header analysis
Sender analysis
URL analysis
Callback Phishing
Evasion
Impersonation: Brand
Out of band pivot
Social engineering
Content analysis
Computer Vision
Header analysis
Sender analysis
URL analysis
BEC/Fraud: Scam lure with freemail pivot
10d ago
Apr 30th, 2026
Sublime Security
BEC/Fraud
Free email provider
Out of band pivot
Content analysis
Header analysis
Sender analysis
BEC/Fraud
Free email provider
Out of band pivot
Content analysis
Header analysis
Sender analysis
Service abuse: Google Calendar notification with callback scam language
12d ago
Apr 28th, 2026
Sublime Security
Callback Phishing
ICS Phishing
Out of band pivot
Social engineering
Natural Language Understanding
Content analysis
Sender analysis
Callback Phishing
ICS Phishing
Out of band pivot
Social engineering
Natural Language Understanding
Content analysis
Sender analysis
BEC/Fraud: Job scam fake thread or plaintext pivot to freemail
13d ago
Apr 27th, 2026
Sublime Security
BEC/Fraud
Free email provider
Out of band pivot
Content analysis
File analysis
Natural Language Understanding
BEC/Fraud
Free email provider
Out of band pivot
Content analysis
File analysis
Natural Language Understanding
Callback phishing via Microsoft comment
27d ago
Apr 13th, 2026
Sublime Security
Callback Phishing
Impersonation: Brand
Out of band pivot
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
Callback Phishing
Impersonation: Brand
Out of band pivot
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
Callback phishing via Apple ID display name abuse
1mo ago
Apr 8th, 2026
Sublime Security
Callback Phishing
Impersonation: Brand
Out of band pivot
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
Callback Phishing
Impersonation: Brand
Out of band pivot
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
Benefits enrollment impersonation
1mo ago
Apr 3rd, 2026
Sublime Security
Credential Phishing
Evasion
Impersonation: Employee
Out of band pivot
Social engineering
Content analysis
Header analysis
Sender analysis
Credential Phishing
Evasion
Impersonation: Employee
Out of band pivot
Social engineering
Content analysis
Header analysis
Sender analysis
Service abuse: Microsoft Power Apps callback scam
1mo ago
Mar 30th, 2026
Sublime Security
Callback Phishing
Impersonation: Brand
Out of band pivot
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
Callback Phishing
Impersonation: Brand
Out of band pivot
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
Callback phishing in body or attachment (untrusted sender)
1mo ago
Mar 27th, 2026
Sublime Security
Callback Phishing
Out of band pivot
Social engineering
Content analysis
File analysis
Optical Character Recognition
Natural Language Understanding
Sender analysis
Callback Phishing
Out of band pivot
Social engineering
Content analysis
File analysis
Optical Character Recognition
Natural Language Understanding
Sender analysis
Service abuse: AWS SNS callback scam impersonation
1mo ago
Mar 26th, 2026
Sublime Security
Callback Phishing
Impersonation: Brand
Out of band pivot
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
Callback Phishing
Impersonation: Brand
Out of band pivot
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
Brand impersonation: GitHub with callback scam indicators
1mo ago
Mar 11th, 2026
Sublime Security
Callback Phishing
Impersonation: Brand
Out of band pivot
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
Callback Phishing
Impersonation: Brand
Out of band pivot
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
Service abuse: Microsoft Power Automate callback scam impersonation
2mo ago
Mar 5th, 2026
Sublime Security
Callback Phishing
Out of band pivot
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
Callback Phishing
Out of band pivot
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
Callback Phishing via Zoom comment
2mo ago
Feb 11th, 2026
Sublime Security
Callback Phishing
Out of band pivot
Social engineering
Impersonation: Brand
Computer Vision
Content analysis
Header analysis
Sender analysis
Callback Phishing
Out of band pivot
Social engineering
Impersonation: Brand
Computer Vision
Content analysis
Header analysis
Sender analysis
Service abuse: WeTransfer callback scam
3mo ago
Jan 30th, 2026
Sublime Security
Callback Phishing
Social engineering
Out of band pivot
Content analysis
Natural Language Understanding
Sender analysis
Callback Phishing
Social engineering
Out of band pivot
Content analysis
Natural Language Understanding
Sender analysis
Service abuse: Monday.com callback scam
3mo ago
Jan 26th, 2026
Sublime Security
Callback Phishing
Social engineering
Out of band pivot
Content analysis
Natural Language Understanding
Sender analysis
Callback Phishing
Social engineering
Out of band pivot
Content analysis
Natural Language Understanding
Sender analysis
Service abuse: Microsoft Power BI callback scam
3mo ago
Jan 22nd, 2026
Sublime Security
Callback Phishing
Out of band pivot
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
Callback Phishing
Out of band pivot
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
Service abuse: GetAccept callback scam content
3mo ago
Jan 16th, 2026
Sublime Security
Callback Phishing
Out of band pivot
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
Callback Phishing
Out of band pivot
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
Attachment: Callback phishing solicitation via image file
3mo ago
Jan 12th, 2026
@vector_sec
Callback Phishing
Evasion
Free email provider
Out of band pivot
Social engineering
Image as content
Content analysis
Optical Character Recognition
Sender analysis
URL analysis
Computer Vision
Callback Phishing
Evasion
Free email provider
Out of band pivot
Social engineering
Image as content
Content analysis
Optical Character Recognition
Sender analysis
URL analysis
Computer Vision
Callback phishing via Xodo Sign comment
3mo ago
Jan 12th, 2026
Sublime Security
Callback Phishing
Exploit
Impersonation: Brand
Out of band pivot
Social engineering
Computer Vision
Content analysis
Header analysis
Sender analysis
URL analysis
Callback Phishing
Exploit
Impersonation: Brand
Out of band pivot
Social engineering
Computer Vision
Content analysis
Header analysis
Sender analysis
URL analysis
Page 1 of 2

Rule Name & Severity	Last Updated	Author	Types, Tactics & Capabilities
BEC/Fraud: Student loan callback phishing	6d ago May 4th, 2026	Sublime Security	BEC/Fraud Free email provider Out of band pivot Social engineering Content analysis Natural Language Understanding Sender analysis
Callback phishing via Adobe Sign comment	6d ago May 4th, 2026	Sublime Security	Callback Phishing Evasion Impersonation: Brand Out of band pivot Social engineering Content analysis Computer Vision Header analysis Sender analysis URL analysis
BEC/Fraud: Scam lure with freemail pivot	10d ago Apr 30th, 2026	Sublime Security	BEC/Fraud Free email provider Out of band pivot Content analysis Header analysis Sender analysis
Service abuse: Google Calendar notification with callback scam language	12d ago Apr 28th, 2026	Sublime Security	Callback Phishing ICS Phishing Out of band pivot Social engineering Natural Language Understanding Content analysis Sender analysis
BEC/Fraud: Job scam fake thread or plaintext pivot to freemail	13d ago Apr 27th, 2026	Sublime Security	BEC/Fraud Free email provider Out of band pivot Content analysis File analysis Natural Language Understanding
Callback phishing via Microsoft comment	27d ago Apr 13th, 2026	Sublime Security	Callback Phishing Impersonation: Brand Out of band pivot Social engineering Content analysis Header analysis Natural Language Understanding Sender analysis
Callback phishing via Apple ID display name abuse	1mo ago Apr 8th, 2026	Sublime Security	Callback Phishing Impersonation: Brand Out of band pivot Social engineering Content analysis Natural Language Understanding Sender analysis
Benefits enrollment impersonation	1mo ago Apr 3rd, 2026	Sublime Security	Credential Phishing Evasion Impersonation: Employee Out of band pivot Social engineering Content analysis Header analysis Sender analysis
Service abuse: Microsoft Power Apps callback scam	1mo ago Mar 30th, 2026	Sublime Security	Callback Phishing Impersonation: Brand Out of band pivot Social engineering Content analysis Natural Language Understanding Sender analysis
Callback phishing in body or attachment (untrusted sender)	1mo ago Mar 27th, 2026	Sublime Security	Callback Phishing Out of band pivot Social engineering Content analysis File analysis Optical Character Recognition Natural Language Understanding Sender analysis
Service abuse: AWS SNS callback scam impersonation	1mo ago Mar 26th, 2026	Sublime Security	Callback Phishing Impersonation: Brand Out of band pivot Social engineering Content analysis Natural Language Understanding Sender analysis
Brand impersonation: GitHub with callback scam indicators	1mo ago Mar 11th, 2026	Sublime Security	Callback Phishing Impersonation: Brand Out of band pivot Social engineering Content analysis Natural Language Understanding Sender analysis
Service abuse: Microsoft Power Automate callback scam impersonation	2mo ago Mar 5th, 2026	Sublime Security	Callback Phishing Out of band pivot Social engineering Content analysis Natural Language Understanding Sender analysis
Callback Phishing via Zoom comment	2mo ago Feb 11th, 2026	Sublime Security	Callback Phishing Out of band pivot Social engineering Impersonation: Brand Computer Vision Content analysis Header analysis Sender analysis
Service abuse: WeTransfer callback scam	3mo ago Jan 30th, 2026	Sublime Security	Callback Phishing Social engineering Out of band pivot Content analysis Natural Language Understanding Sender analysis
Service abuse: Monday.com callback scam	3mo ago Jan 26th, 2026	Sublime Security	Callback Phishing Social engineering Out of band pivot Content analysis Natural Language Understanding Sender analysis
Service abuse: Microsoft Power BI callback scam	3mo ago Jan 22nd, 2026	Sublime Security	Callback Phishing Out of band pivot Social engineering Content analysis Natural Language Understanding Sender analysis
Service abuse: GetAccept callback scam content	3mo ago Jan 16th, 2026	Sublime Security	Callback Phishing Out of band pivot Social engineering Content analysis Natural Language Understanding Sender analysis
Attachment: Callback phishing solicitation via image file	3mo ago Jan 12th, 2026	@vector_sec	Callback Phishing Evasion Free email provider Out of band pivot Social engineering Image as content Content analysis Optical Character Recognition Sender analysis URL analysis Computer Vision
Callback phishing via Xodo Sign comment	3mo ago Jan 12th, 2026	Sublime Security	Callback Phishing Exploit Impersonation: Brand Out of band pivot Social engineering Computer Vision Content analysis Header analysis Sender analysis URL analysis