Sublime Security

Sublime Core Feed
Social engineering
Learn More
Login to Sublime
Attack Types
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Reconnaissance
Spam
Tactics and Techniques
Encryption
Evasion
Exploit
Free email provider
Free file host
Free subdomain host
HTML smuggling
ICS Phishing
Image as content
Impersonation: Brand
Impersonation: Employee
Impersonation: VIP
IPFS
ISO
LNK
Lookalike domain
Macros
OneNote
Open redirect
Out of band pivot
PDF
Punycode
QR code
Scripting
Social engineering
Spoofing
Detection Methods
Archive analysis
Content analysis
Computer Vision
Exif analysis
File analysis
Header analysis
HTML analysis
Javascript analysis
Macro analysis
Natural Language Understanding
Optical Character Recognition
OLE analysis
PDF analysis
QR code analysis
Sender analysis
Threat intelligence
URL analysis
URL screenshot
Whois
XML analysis
YARA
Tactic or Technique: Social engineering
Social engineering targets people instead of systems. Attackers use persuasion, pressure, or emotional cues to get you to act quickly and bypass security tools without realizing it.
Messages often create urgency, mimic authority figures, or feel familiar enough to lower your guard. An attacker might pose as your manager asking for a quick favor, reference a recent company event, or claim your account is about to be locked. These tricks are designed to feel legitimate and get you to respond without verifying the request.
Common approaches include pretexting, where attackers invent a believable scenario; baiting, where they offer something enticing; or quid pro quo, where they offer help in exchange for access. Even a single successful interaction can lead to broader compromise, including data theft, ransomware, or a full network breach.
Blog Posts
Credential phishing Charles Schwab account holders with 2FA bypass · Blog · Sublime Security
Hiding a $50,000 BEC financial fraud in a fake email thread · Blog · Sublime Security
Callback phishing via invoice abuse and distribution list relays · Blog · Sublime Security
Talking phish over turkey · Blog · Sublime Security
Hidden credential phishing within EML attachments · Blog · Sublime Security
Living Off the Land: Credential Phishing via Docusign abuse · Blog · Sublime Security
Living Off the Land: Callback Phishing via Docusign comment · Blog · Sublime Security
Adversarial ML: Extortion via LLM Manipulation Tactics · Blog · Sublime Security
Fake invoice used to conduct $16,800 BEC attempt · Blog · Sublime Security
Gotta Catch 'Em All: Detecting PikaBot Delivery Techniques · Blog · Sublime Security
Attack Types (6):
Credential Phishing
BEC/Fraud
Malware/Ransomware
Spam
Callback Phishing
Extortion
Detection Methods (20):
URL analysis
Sender analysis
Header analysis
Content analysis
HTML analysis
Threat intelligence
Natural Language Understanding
Whois
File analysis
Exif analysis
Computer Vision
Optical Character Recognition
YARA
URL screenshot
QR code analysis
Archive analysis
Javascript analysis
Macro analysis
OLE analysis
XML analysis
Rule Name & Severity
Last Updated
Types, Tactics & Capabilities
Brand impersonation: Zoom via lookalike domain
11h ago
Jun 22nd, 2026
Sublime Security
Credential Phishing
Impersonation: Brand
Free email provider
Social engineering
URL analysis
Sender analysis
Credential Phishing
Impersonation: Brand
Free email provider
Social engineering
URL analysis
Sender analysis
Observed IOC: Malicious sender email addresses
4d ago
Jun 19th, 2026
Sublime Security
BEC/Fraud
Credential Phishing
Malware/Ransomware
Social engineering
Sender analysis
Header analysis
BEC/Fraud
Credential Phishing
Malware/Ransomware
Social engineering
Sender analysis
Header analysis
Observed IOC: Malicious sender domains
4d ago
Jun 19th, 2026
Sublime Security
BEC/Fraud
Credential Phishing
Malware/Ransomware
Social engineering
Sender analysis
Header analysis
BEC/Fraud
Credential Phishing
Malware/Ransomware
Social engineering
Sender analysis
Header analysis
Service abuse: DocSend share from an unsolicited reply-to address
5d ago
Jun 18th, 2026
Sublime Security
Credential Phishing
Evasion
Free file host
Social engineering
Content analysis
Header analysis
Sender analysis
Credential Phishing
Evasion
Free file host
Social engineering
Content analysis
Header analysis
Sender analysis
Link: Mamba 2FA phishing kit
5d ago
Jun 18th, 2026
Sublime Security
Credential Phishing
Evasion
Social engineering
URL analysis
Credential Phishing
Evasion
Social engineering
URL analysis
Body: Fake secure email portal with HTML obfuscation
5d ago
Jun 18th, 2026
Sublime Security
Credential Phishing
Evasion
Social engineering
Spoofing
Content analysis
HTML analysis
URL analysis
Sender analysis
Threat intelligence
Credential Phishing
Evasion
Social engineering
Spoofing
Content analysis
HTML analysis
URL analysis
Sender analysis
Threat intelligence
Employee impersonation: Payroll fraud
5d ago
Jun 18th, 2026
Sublime Security
BEC/Fraud
Impersonation: Employee
Free email provider
Social engineering
Content analysis
Sender analysis
BEC/Fraud
Impersonation: Employee
Free email provider
Social engineering
Content analysis
Sender analysis
BEC/Fraud: Unsolicited business acquisition offer
5d ago
Jun 18th, 2026
Sublime Security
BEC/Fraud
Social engineering
Content analysis
BEC/Fraud
Social engineering
Content analysis
Brand impersonation: Cloud services with credential theft intent
5d ago
Jun 18th, 2026
Sublime Security
Credential Phishing
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
URL analysis
Credential Phishing
Social engineering
Content analysis
Natural Language Understanding
Sender analysis
URL analysis
Service abuse: Google Firebase sender address with suspicious content
5d ago
Jun 18th, 2026
Sublime Security
Spam
Credential Phishing
Free subdomain host
Social engineering
Content analysis
Header analysis
HTML analysis
Natural Language Understanding
Sender analysis
URL analysis
Whois
Spam
Credential Phishing
Free subdomain host
Social engineering
Content analysis
Header analysis
HTML analysis
Natural Language Understanding
Sender analysis
URL analysis
Whois
Credential phishing: Fake storage alerts (unsolicited)
5d ago
Jun 18th, 2026
Sublime Security
Credential Phishing
Social engineering
Content analysis
Sender analysis
Credential Phishing
Social engineering
Content analysis
Sender analysis
Brand impersonation: Bids & Tenders
6d ago
Jun 17th, 2026
Sublime Security
Credential Phishing
Impersonation: Brand
Spoofing
Social engineering
Sender analysis
URL analysis
Content analysis
Credential Phishing
Impersonation: Brand
Spoofing
Social engineering
Sender analysis
URL analysis
Content analysis
Service abuse: Outlook Groups with Google Sites link and evasion tag
6d ago
Jun 17th, 2026
Sublime Security
Credential Phishing
Evasion
Free subdomain host
Social engineering
Content analysis
Header analysis
URL analysis
Sender analysis
Credential Phishing
Evasion
Free subdomain host
Social engineering
Content analysis
Header analysis
URL analysis
Sender analysis
Brand impersonation: Microsoft
6d ago
Jun 17th, 2026
@amitchell516
Credential Phishing
Impersonation: Brand
Social engineering
Content analysis
Sender analysis
Credential Phishing
Impersonation: Brand
Social engineering
Content analysis
Sender analysis
Attachment: PDF with a suspicious string and single URL
6d ago
Jun 17th, 2026
Sublime Security
Credential Phishing
PDF
Social engineering
Evasion
Content analysis
File analysis
URL analysis
Exif analysis
Credential Phishing
PDF
Social engineering
Evasion
Content analysis
File analysis
URL analysis
Exif analysis
Brand impersonation: Quickbooks
6d ago
Jun 17th, 2026
Sublime Security
Callback Phishing
Credential Phishing
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Sender analysis
Callback Phishing
Credential Phishing
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Sender analysis
Link: Romance/Sexual Language With Suspicious Link
6d ago
Jun 17th, 2026
Sublime Security
Spam
Social engineering
Content analysis
Header analysis
URL analysis
Whois
Spam
Social engineering
Content analysis
Header analysis
URL analysis
Whois
Attachment: Encrypted PDF with credential theft body
6d ago
Jun 17th, 2026
Sublime Security
Credential Phishing
Encryption
Evasion
PDF
Social engineering
Content analysis
Exif analysis
File analysis
Natural Language Understanding
Sender analysis
Credential Phishing
Encryption
Evasion
PDF
Social engineering
Content analysis
Exif analysis
File analysis
Natural Language Understanding
Sender analysis
Reconnaissance: Short generic greeting message
6d ago
Jun 17th, 2026
Sublime Security
BEC/Fraud
Callback Phishing
Social engineering
Free email provider
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
BEC/Fraud
Callback Phishing
Social engineering
Free email provider
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
Fake thread with suspicious indicators
6d ago
Jun 17th, 2026
Sublime Security
BEC/Fraud
Credential Phishing
Spam
Evasion
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
BEC/Fraud
Credential Phishing
Spam
Evasion
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Sender analysis
Page 1 of 25

Rule Name & Severity	Last Updated	Author	Types, Tactics & Capabilities
Brand impersonation: Zoom via lookalike domain	11h ago Jun 22nd, 2026	Sublime Security	Credential Phishing Impersonation: Brand Free email provider Social engineering URL analysis Sender analysis
Observed IOC: Malicious sender email addresses	4d ago Jun 19th, 2026	Sublime Security	BEC/Fraud Credential Phishing Malware/Ransomware Social engineering Sender analysis Header analysis
Observed IOC: Malicious sender domains	4d ago Jun 19th, 2026	Sublime Security	BEC/Fraud Credential Phishing Malware/Ransomware Social engineering Sender analysis Header analysis
Service abuse: DocSend share from an unsolicited reply-to address	5d ago Jun 18th, 2026	Sublime Security	Credential Phishing Evasion Free file host Social engineering Content analysis Header analysis Sender analysis
Link: Mamba 2FA phishing kit	5d ago Jun 18th, 2026	Sublime Security	Credential Phishing Evasion Social engineering URL analysis
Body: Fake secure email portal with HTML obfuscation	5d ago Jun 18th, 2026	Sublime Security	Credential Phishing Evasion Social engineering Spoofing Content analysis HTML analysis URL analysis Sender analysis Threat intelligence
Employee impersonation: Payroll fraud	5d ago Jun 18th, 2026	Sublime Security	BEC/Fraud Impersonation: Employee Free email provider Social engineering Content analysis Sender analysis
BEC/Fraud: Unsolicited business acquisition offer	5d ago Jun 18th, 2026	Sublime Security	BEC/Fraud Social engineering Content analysis
Brand impersonation: Cloud services with credential theft intent	5d ago Jun 18th, 2026	Sublime Security	Credential Phishing Social engineering Content analysis Natural Language Understanding Sender analysis URL analysis
Service abuse: Google Firebase sender address with suspicious content	5d ago Jun 18th, 2026	Sublime Security	Spam Credential Phishing Free subdomain host Social engineering Content analysis Header analysis HTML analysis Natural Language Understanding Sender analysis URL analysis Whois
Credential phishing: Fake storage alerts (unsolicited)	5d ago Jun 18th, 2026	Sublime Security	Credential Phishing Social engineering Content analysis Sender analysis
Brand impersonation: Bids & Tenders	6d ago Jun 17th, 2026	Sublime Security	Credential Phishing Impersonation: Brand Spoofing Social engineering Sender analysis URL analysis Content analysis
Service abuse: Outlook Groups with Google Sites link and evasion tag	6d ago Jun 17th, 2026	Sublime Security	Credential Phishing Evasion Free subdomain host Social engineering Content analysis Header analysis URL analysis Sender analysis
Brand impersonation: Microsoft	6d ago Jun 17th, 2026	@amitchell516	Credential Phishing Impersonation: Brand Social engineering Content analysis Sender analysis
Attachment: PDF with a suspicious string and single URL	6d ago Jun 17th, 2026	Sublime Security	Credential Phishing PDF Social engineering Evasion Content analysis File analysis URL analysis Exif analysis
Brand impersonation: Quickbooks	6d ago Jun 17th, 2026	Sublime Security	Callback Phishing Credential Phishing Impersonation: Brand Social engineering Computer Vision Content analysis Header analysis Sender analysis
Link: Romance/Sexual Language With Suspicious Link	6d ago Jun 17th, 2026	Sublime Security	Spam Social engineering Content analysis Header analysis URL analysis Whois
Attachment: Encrypted PDF with credential theft body	6d ago Jun 17th, 2026	Sublime Security	Credential Phishing Encryption Evasion PDF Social engineering Content analysis Exif analysis File analysis Natural Language Understanding Sender analysis
Reconnaissance: Short generic greeting message	6d ago Jun 17th, 2026	Sublime Security	BEC/Fraud Callback Phishing Social engineering Free email provider Content analysis Header analysis Natural Language Understanding Sender analysis
Fake thread with suspicious indicators	6d ago Jun 17th, 2026	Sublime Security	BEC/Fraud Credential Phishing Spam Evasion Social engineering Content analysis Header analysis Natural Language Understanding Sender analysis