Sublime Security

Sublime Core Feed
QR code analysis
Learn More
Login to Sublime
Attack Types
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Reconnaissance
Spam
Tactics and Techniques
Encryption
Evasion
Exploit
Free email provider
Free file host
Free subdomain host
HTML smuggling
ICS Phishing
Image as content
Impersonation: Brand
Impersonation: Employee
Impersonation: VIP
IPFS
ISO
LNK
Lookalike domain
Macros
OneNote
Open redirect
Out of band pivot
PDF
Punycode
QR code
Scripting
Social engineering
Spoofing
Detection Methods
Archive analysis
Content analysis
Computer Vision
Exif analysis
File analysis
Header analysis
HTML analysis
Javascript analysis
Macro analysis
Natural Language Understanding
Optical Character Recognition
OLE analysis
PDF analysis
QR code analysis
Sender analysis
Threat intelligence
URL analysis
URL screenshot
Whois
XML analysis
YARA
Detection Method: QR code analysis
QR code analysis scans and decodes QR codes in emails, attachments, or links to uncover potential security threats that could affect you. This method extracts data from QR codes, checking for malicious URLs, phishing attempts, or harmful contact information.
QR code analysis can help you detect:
Phishing links camouflaged as legitimate QR codes in attachments or images
Malicious URLs redirecting you to credential harvesting sites
QR codes that prompt automatic downloads of malware
QR codes containing social engineering information
For example, attackers often use QR codes in phishing campaigns to bypass URL filters. Since you can’t preview the destination before scanning, this method is highly effective at deceiving unsuspecting recipients .
Blog Posts
Tax season email attacks: AdWind RATs and Tycoon 2FA phishing kits · Blog · Sublime Security
Talking phish over turkey · Blog · Sublime Security
QR Code Phishing: Decoding Hidden Threats · Blog · Sublime Security
Attack Types (3):
Credential Phishing
Malware/Ransomware
BEC/Fraud
Tactics & Techniques (14):
QR code
Social engineering
Impersonation: Brand
Free file host
Image as content
Evasion
PDF
Macros
Encryption
Free email provider
Free subdomain host
Open redirect
Out of band pivot
LNK
Rule Name & Severity
Last Updated
Types, Tactics & Capabilities
Attachment: Compensation-themed DOCX with QR code credential theft
4d ago
May 29th, 2026
Sublime Security
Credential Phishing
QR code
Social engineering
Impersonation: Brand
File analysis
Optical Character Recognition
QR code analysis
Natural Language Understanding
Exif analysis
Content analysis
Credential Phishing
QR code
Social engineering
Impersonation: Brand
File analysis
Optical Character Recognition
QR code analysis
Natural Language Understanding
Exif analysis
Content analysis
Service abuse: Square marketing with suspicious QR code
7d ago
May 26th, 2026
Sublime Security
Credential Phishing
QR code
Free file host
Computer Vision
QR code analysis
Sender analysis
URL analysis
Credential Phishing
QR code
Free file host
Computer Vision
QR code analysis
Sender analysis
URL analysis
Attachment: SVG files with evasion elements
25d ago
May 8th, 2026
Sublime Security
Malware/Ransomware
Credential Phishing
QR code
Image as content
Evasion
File analysis
XML analysis
QR code analysis
Sender analysis
Malware/Ransomware
Credential Phishing
QR code
Image as content
Evasion
File analysis
XML analysis
QR code analysis
Sender analysis
Brand impersonation: DocuSign with embedded QR code
29d ago
May 4th, 2026
Sublime Security
Credential Phishing
Evasion
Image as content
Impersonation: Brand
QR code
Computer Vision
Content analysis
QR code analysis
Sender analysis
Credential Phishing
Evasion
Image as content
Impersonation: Brand
QR code
Computer Vision
Content analysis
QR code analysis
Sender analysis
Attachment: QR code with userinfo portion
1mo ago
Apr 30th, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Evasion
Image as content
PDF
QR code
QR code analysis
File analysis
Sender analysis
Credential Phishing
Malware/Ransomware
Evasion
Image as content
PDF
QR code
QR code analysis
File analysis
Sender analysis
Attachment: Fake voicemail via PDF
1mo ago
Apr 30th, 2026
Sublime Security
Credential Phishing
PDF
QR code
Social engineering
Computer Vision
Content analysis
File analysis
Optical Character Recognition
QR code analysis
URL analysis
Credential Phishing
PDF
QR code
Social engineering
Computer Vision
Content analysis
File analysis
Optical Character Recognition
QR code analysis
URL analysis
Attachment: QR code link with base64-encoded recipient address
1mo ago
Apr 29th, 2026
Sublime Security
Credential Phishing
QR code
Image as content
Social engineering
Evasion
PDF
Macros
Computer Vision
File analysis
Natural Language Understanding
QR code analysis
Sender analysis
Credential Phishing
QR code
Image as content
Social engineering
Evasion
PDF
Macros
Computer Vision
File analysis
Natural Language Understanding
QR code analysis
Sender analysis
QR Code with suspicious indicators
1mo ago
Apr 22nd, 2026
Sublime Security
Credential Phishing
QR code
Social engineering
Content analysis
Header analysis
Computer Vision
Natural Language Understanding
QR code analysis
Sender analysis
URL analysis
Credential Phishing
QR code
Social engineering
Content analysis
Header analysis
Computer Vision
Natural Language Understanding
QR code analysis
Sender analysis
URL analysis
Brand impersonation: Adobe (QR code)
1mo ago
Apr 20th, 2026
Sublime Security
Credential Phishing
Impersonation: Brand
PDF
QR code
Computer Vision
Header analysis
QR code analysis
Sender analysis
Credential Phishing
Impersonation: Brand
PDF
QR code
Computer Vision
Header analysis
QR code analysis
Sender analysis
Attachment: ICS calendar file with QR code containing recipient email address
1mo ago
Apr 20th, 2026
Sublime Security
Credential Phishing
QR code
Social engineering
Evasion
File analysis
QR code analysis
URL analysis
Content analysis
Credential Phishing
QR code
Social engineering
Evasion
File analysis
QR code analysis
URL analysis
Content analysis
Attachment: PDF with split QR code
1mo ago
Apr 15th, 2026
Sublime Security
Credential Phishing
Evasion
PDF
QR code
File analysis
YARA
QR code analysis
Credential Phishing
Evasion
PDF
QR code
File analysis
YARA
QR code analysis
Attachment: Compensation review lure with QR code
1mo ago
Apr 14th, 2026
Sublime Security
Credential Phishing
PDF
QR code
Social engineering
File analysis
Optical Character Recognition
QR code analysis
Natural Language Understanding
Sender analysis
Header analysis
Credential Phishing
PDF
QR code
Social engineering
File analysis
Optical Character Recognition
QR code analysis
Natural Language Understanding
Sender analysis
Header analysis
Attachment: EML with QR code redirecting to Cloudflare challenges
2mo ago
Apr 1st, 2026
Sublime Security
Credential Phishing
Malware/Ransomware
Evasion
QR code
File analysis
QR code analysis
URL analysis
Archive analysis
Credential Phishing
Malware/Ransomware
Evasion
QR code
File analysis
QR code analysis
URL analysis
Archive analysis
Service abuse: Monday.com infrastructure with phishing intent
2mo ago
Mar 9th, 2026
Sublime Security
Credential Phishing
Evasion
Social engineering
QR code
Content analysis
File analysis
Header analysis
QR code analysis
Sender analysis
URL analysis
Credential Phishing
Evasion
Social engineering
QR code
Content analysis
File analysis
Header analysis
QR code analysis
Sender analysis
URL analysis
Attachment: PDF with recipient email in link
3mo ago
Mar 3rd, 2026
Sublime Security
Credential Phishing
PDF
QR code
Encryption
Social engineering
File analysis
QR code analysis
URL analysis
Credential Phishing
PDF
QR code
Encryption
Social engineering
File analysis
QR code analysis
URL analysis
Attachment: QR code with suspicious URL patterns in EML file
3mo ago
Feb 21st, 2026
Sublime Security
Credential Phishing
QR code
Evasion
Social engineering
Archive analysis
File analysis
QR code analysis
URL analysis
Credential Phishing
QR code
Evasion
Social engineering
Archive analysis
File analysis
QR code analysis
URL analysis
Attachment: QR code with recipient targeting and special characters
3mo ago
Feb 21st, 2026
Sublime Security
Credential Phishing
QR code
Social engineering
Evasion
File analysis
QR code analysis
URL analysis
Computer Vision
Credential Phishing
QR code
Social engineering
Evasion
File analysis
QR code analysis
URL analysis
Computer Vision
ClickFunnels link infrastructure abuse
3mo ago
Feb 5th, 2026
Sublime Security
Credential Phishing
Free email provider
Free subdomain host
Social engineering
Content analysis
Header analysis
QR code analysis
Sender analysis
URL analysis
Credential Phishing
Free email provider
Free subdomain host
Social engineering
Content analysis
Header analysis
QR code analysis
Sender analysis
URL analysis
Attachment: QR code with encoded recipient targeting and redirect indicators
4mo ago
Jan 30th, 2026
Sublime Security
Credential Phishing
QR code
Evasion
Image as content
Open redirect
Archive analysis
File analysis
QR code analysis
URL analysis
Credential Phishing
QR code
Evasion
Image as content
Open redirect
Archive analysis
File analysis
QR code analysis
URL analysis
Attachment: QR code with credential phishing indicators
4mo ago
Jan 12th, 2026
Sublime Security
Credential Phishing
QR code
Social engineering
Computer Vision
Header analysis
Natural Language Understanding
QR code analysis
Sender analysis
URL analysis
URL screenshot
Credential Phishing
QR code
Social engineering
Computer Vision
Header analysis
Natural Language Understanding
QR code analysis
Sender analysis
URL analysis
URL screenshot
Page 1 of 2

Rule Name & Severity	Last Updated	Author	Types, Tactics & Capabilities
Attachment: Compensation-themed DOCX with QR code credential theft	4d ago May 29th, 2026	Sublime Security	Credential Phishing QR code Social engineering Impersonation: Brand File analysis Optical Character Recognition QR code analysis Natural Language Understanding Exif analysis Content analysis
Service abuse: Square marketing with suspicious QR code	7d ago May 26th, 2026	Sublime Security	Credential Phishing QR code Free file host Computer Vision QR code analysis Sender analysis URL analysis
Attachment: SVG files with evasion elements	25d ago May 8th, 2026	Sublime Security	Malware/Ransomware Credential Phishing QR code Image as content Evasion File analysis XML analysis QR code analysis Sender analysis
Brand impersonation: DocuSign with embedded QR code	29d ago May 4th, 2026	Sublime Security	Credential Phishing Evasion Image as content Impersonation: Brand QR code Computer Vision Content analysis QR code analysis Sender analysis
Attachment: QR code with userinfo portion	1mo ago Apr 30th, 2026	Sublime Security	Credential Phishing Malware/Ransomware Evasion Image as content PDF QR code QR code analysis File analysis Sender analysis
Attachment: Fake voicemail via PDF	1mo ago Apr 30th, 2026	Sublime Security	Credential Phishing PDF QR code Social engineering Computer Vision Content analysis File analysis Optical Character Recognition QR code analysis URL analysis
Attachment: QR code link with base64-encoded recipient address	1mo ago Apr 29th, 2026	Sublime Security	Credential Phishing QR code Image as content Social engineering Evasion PDF Macros Computer Vision File analysis Natural Language Understanding QR code analysis Sender analysis
QR Code with suspicious indicators	1mo ago Apr 22nd, 2026	Sublime Security	Credential Phishing QR code Social engineering Content analysis Header analysis Computer Vision Natural Language Understanding QR code analysis Sender analysis URL analysis
Brand impersonation: Adobe (QR code)	1mo ago Apr 20th, 2026	Sublime Security	Credential Phishing Impersonation: Brand PDF QR code Computer Vision Header analysis QR code analysis Sender analysis
Attachment: ICS calendar file with QR code containing recipient email address	1mo ago Apr 20th, 2026	Sublime Security	Credential Phishing QR code Social engineering Evasion File analysis QR code analysis URL analysis Content analysis
Attachment: PDF with split QR code	1mo ago Apr 15th, 2026	Sublime Security	Credential Phishing Evasion PDF QR code File analysis YARA QR code analysis
Attachment: Compensation review lure with QR code	1mo ago Apr 14th, 2026	Sublime Security	Credential Phishing PDF QR code Social engineering File analysis Optical Character Recognition QR code analysis Natural Language Understanding Sender analysis Header analysis
Attachment: EML with QR code redirecting to Cloudflare challenges	2mo ago Apr 1st, 2026	Sublime Security	Credential Phishing Malware/Ransomware Evasion QR code File analysis QR code analysis URL analysis Archive analysis
Service abuse: Monday.com infrastructure with phishing intent	2mo ago Mar 9th, 2026	Sublime Security	Credential Phishing Evasion Social engineering QR code Content analysis File analysis Header analysis QR code analysis Sender analysis URL analysis
Attachment: PDF with recipient email in link	3mo ago Mar 3rd, 2026	Sublime Security	Credential Phishing PDF QR code Encryption Social engineering File analysis QR code analysis URL analysis
Attachment: QR code with suspicious URL patterns in EML file	3mo ago Feb 21st, 2026	Sublime Security	Credential Phishing QR code Evasion Social engineering Archive analysis File analysis QR code analysis URL analysis
Attachment: QR code with recipient targeting and special characters	3mo ago Feb 21st, 2026	Sublime Security	Credential Phishing QR code Social engineering Evasion File analysis QR code analysis URL analysis Computer Vision
ClickFunnels link infrastructure abuse	3mo ago Feb 5th, 2026	Sublime Security	Credential Phishing Free email provider Free subdomain host Social engineering Content analysis Header analysis QR code analysis Sender analysis URL analysis
Attachment: QR code with encoded recipient targeting and redirect indicators	4mo ago Jan 30th, 2026	Sublime Security	Credential Phishing QR code Evasion Image as content Open redirect Archive analysis File analysis QR code analysis URL analysis
Attachment: QR code with credential phishing indicators	4mo ago Jan 12th, 2026	Sublime Security	Credential Phishing QR code Social engineering Computer Vision Header analysis Natural Language Understanding QR code analysis Sender analysis URL analysis URL screenshot