Sublime Security

Sublime Core Feed
Spam
Learn More
Login to Sublime
Attack Types
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Reconnaissance
Spam
Tactics and Techniques
Encryption
Evasion
Exploit
Free email provider
Free file host
Free subdomain host
HTML smuggling
Image as content
Impersonation: Brand
Impersonation: Employee
Impersonation: VIP
IPFS
ISO
LNK
Lookalike domain
Macros
OneNote
Open redirect
Out of band pivot
PDF
Punycode
QR code
Scripting
Social engineering
Spoofing
Detection Methods
Archive analysis
Content analysis
Computer Vision
Exif analysis
File analysis
Header analysis
HTML analysis
Javascript analysis
Macro analysis
Natural Language Understanding
Optical Character Recognition
OLE analysis
PDF analysis
QR code analysis
Sender analysis
Threat intelligence
URL analysis
URL screenshot
Whois
XML analysis
YARA
Attack Type: Spam
Spam refers to bulk, unsolicited messages, often promoting questionable offers, fake opportunities, or irrelevant content you never asked for. These messages typically ignore basic rules around consent and use shady tactics to sneak past filters, like misspelled words (“W1NNER,” “FREEBlE”) or fake brand names that look close to the real thing (“L0WES,” “C0STC0”).
You’ve probably seen examples: work-from-home schemes with unrealistic pay, miracle health products, SEO pitches warning about your website, or companies pushing “verified” contact lists. Some spam even pretends to be part of an ongoing thread by adding fake “RE:” or “FWD:” subject lines.
Even when the emails look polished or pass authentication checks, they’re often filled with misleading claims, fake urgency, or vague references to prior contact. While not always malicious, spam clutters inboxes, wastes time, and occasionally serves as a delivery method for more serious threats.
Tactics & Techniques (13):
Evasion
Social engineering
Impersonation: Brand
Image as content
Lookalike domain
Free email provider
Free file host
Open redirect
Encryption
Free subdomain host
Exploit
Scripting
PDF
Detection Methods (12):
Content analysis
Sender analysis
URL analysis
Whois
Header analysis
Natural Language Understanding
Optical Character Recognition
HTML analysis
Computer Vision
Exif analysis
File analysis
YARA
Rule Name & Severity
Last Updated
Types, Tactics & Capabilities
Spam: Fake photo share
4d ago
Nov 8th, 2025
Sublime Security
Spam
Evasion
Social engineering
Content analysis
Sender analysis
URL analysis
Whois
Spam
Evasion
Social engineering
Content analysis
Sender analysis
URL analysis
Whois
/feeds/core/detection-rules/spam-fake-photo-share-eb086f7d
Brand impersonation: SendGrid
5d ago
Nov 7th, 2025
Sublime Security
BEC/Fraud
Credential Phishing
Spam
Impersonation: Brand
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
BEC/Fraud
Credential Phishing
Spam
Impersonation: Brand
Social engineering
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
/feeds/core/detection-rules/brand-impersonation-sendgrid-d800124f
Credential theft: Gophish abuse with hidden tracking image
7d ago
Nov 5th, 2025
Sublime Security
Spam
Evasion
Image as content
Content analysis
HTML analysis
Spam
Evasion
Image as content
Content analysis
HTML analysis
/feeds/core/detection-rules/credential-theft-gophish-abuse-with-hidden-tracking-image-59915ceb
Spam: Mastercard promotional content with image-based body
7d ago
Nov 5th, 2025
Sublime Security
Credential Phishing
Spam
Image as content
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
Credential Phishing
Spam
Image as content
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
/feeds/core/detection-rules/spam-mastercard-promotional-content-with-image-based-body-5f2cb559
Spam: Personalized subject and greetings via Salesforce Marketing Cloud
9d ago
Nov 3rd, 2025
Sublime Security
Spam
Social engineering
Content analysis
Header analysis
Spam
Social engineering
Content analysis
Header analysis
/feeds/core/detection-rules/spam-personalized-subject-and-greetings-via-salesforce-marketing-cloud-c77f127f
Spam/fraud: Predatory journal/research paper request
9d ago
Nov 3rd, 2025
Sublime Security
BEC/Fraud
Spam
Social engineering
Impersonation: Brand
Lookalike domain
Evasion
Natural Language Understanding
Content analysis
Sender analysis
URL analysis
Whois
BEC/Fraud
Spam
Social engineering
Impersonation: Brand
Lookalike domain
Evasion
Natural Language Understanding
Content analysis
Sender analysis
URL analysis
Whois
/feeds/core/detection-rules/spamfraud-predatory-journalresearch-paper-request-263ca56b
Spam: Website errors solicitation
13d ago
Oct 30th, 2025
Sublime Security
Spam
Content analysis
Sender analysis
Natural Language Understanding
Spam
Content analysis
Sender analysis
Natural Language Understanding
/feeds/core/detection-rules/spam-website-errors-solicitation-122ea794
Spam: SMTP & Proxy Communications in Email Body
14d ago
Oct 29th, 2025
Sublime Security
Spam
Free email provider
Content analysis
Spam
Free email provider
Content analysis
/feeds/core/detection-rules/spam-smtp-and-proxy-communications-in-email-body-2bdc6a3b
Spam: Ghostwriting services scam with manipulative language
26d ago
Oct 17th, 2025
Sublime Security
Spam
Social engineering
Content analysis
Sender analysis
Spam
Social engineering
Content analysis
Sender analysis
/feeds/core/detection-rules/spam-ghostwriting-services-scam-with-manipulative-language-b747c3ea
Spam: Cryptocurrency airdrop/giveaway
27d ago
Oct 16th, 2025
Sublime Security
Spam
Social engineering
Impersonation: Brand
Content analysis
Spam
Social engineering
Impersonation: Brand
Content analysis
/feeds/core/detection-rules/spam-cryptocurrency-airdropgiveaway-80a2e2fd
Brand Impersonation: Shein
28d ago
Oct 15th, 2025
Sublime Security
Credential Phishing
Spam
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
Credential Phishing
Spam
Impersonation: Brand
Social engineering
Computer Vision
Content analysis
Header analysis
Natural Language Understanding
Optical Character Recognition
Sender analysis
/feeds/core/detection-rules/brand-impersonation-shein-b5843f22
Spam: Sexually explicit Looker Studio report
1mo ago
Oct 2nd, 2025
Sublime Security
Spam
Social engineering
Free email provider
Content analysis
Sender analysis
Spam
Social engineering
Free email provider
Content analysis
Sender analysis
/feeds/core/detection-rules/spam-sexually-explicit-looker-studio-report-f1e649cd
Spam: New job cold outreach from unsolicited sender
1mo ago
Sep 29th, 2025
Sublime Security
Spam
Content analysis
Natural Language Understanding
Sender analysis
URL analysis
Spam
Content analysis
Natural Language Understanding
Sender analysis
URL analysis
/feeds/core/detection-rules/spam-new-job-cold-outreach-from-unsolicited-sender-ec39b789
Potential prompt injection attack in body HTML
1mo ago
Sep 29th, 2025
Sublime Security
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
BEC/Fraud
Evasion
Social engineering
Header analysis
HTML analysis
Content analysis
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
BEC/Fraud
Evasion
Social engineering
Header analysis
HTML analysis
Content analysis
/feeds/core/detection-rules/potential-prompt-injection-attack-in-body-html-5fb24736
Brand impersonation: Vanguard
1mo ago
Sep 22nd, 2025
Sublime Security
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Impersonation: Brand
Natural Language Understanding
Header analysis
Sender analysis
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Impersonation: Brand
Natural Language Understanding
Header analysis
Sender analysis
/feeds/core/detection-rules/brand-impersonation-vanguard-3bd048fe
Brand impersonation: Hulu
1mo ago
Sep 22nd, 2025
Sublime Security
Credential Phishing
Spam
Free email provider
Impersonation: Brand
Lookalike domain
Social engineering
Computer Vision
Header analysis
Sender analysis
Credential Phishing
Spam
Free email provider
Impersonation: Brand
Lookalike domain
Social engineering
Computer Vision
Header analysis
Sender analysis
/feeds/core/detection-rules/brand-impersonation-hulu-6833de58
Suspicious Links to Cloudflare R2 and Edge Services
1mo ago
Sep 20th, 2025
Sublime Security
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Free file host
Header analysis
Sender analysis
URL analysis
BEC/Fraud
Callback Phishing
Credential Phishing
Extortion
Malware/Ransomware
Spam
Free file host
Header analysis
Sender analysis
URL analysis
/feeds/core/detection-rules/suspicious-links-to-cloudflare-r2-and-edge-services-5dd3e5c8
Reconnaissance: Email address harvesting attempt
2mo ago
Sep 5th, 2025
Sublime Security
BEC/Fraud
Credential Phishing
Spam
Free email provider
Social engineering
Content analysis
Header analysis
Sender analysis
URL analysis
BEC/Fraud
Credential Phishing
Spam
Free email provider
Social engineering
Content analysis
Header analysis
Sender analysis
URL analysis
/feeds/core/detection-rules/reconnaissance-email-address-harvesting-attempt-bb31efbc
Spam: Attendee list solicitation
2mo ago
Aug 29th, 2025
Sublime Security
Spam
Content analysis
Sender analysis
Spam
Content analysis
Sender analysis
/feeds/core/detection-rules/spam-attendee-list-solicitation-69715b62
Link: Romance/Sexual Language With Suspicious Link
2mo ago
Aug 22nd, 2025
Sublime Security
Spam
Social engineering
Content analysis
Header analysis
URL analysis
Whois
Spam
Social engineering
Content analysis
Header analysis
URL analysis
Whois
/feeds/core/detection-rules/link-romancesexual-language-with-suspicious-link-d5694cae
Page 1 of 3

Rule Name & Severity	Last Updated	Author	Types, Tactics & Capabilities
Spam: Fake photo share	4d ago Nov 8th, 2025	Sublime Security	Spam Evasion Social engineering Content analysis Sender analysis URL analysis Whois	/feeds/core/detection-rules/spam-fake-photo-share-eb086f7d
Brand impersonation: SendGrid	5d ago Nov 7th, 2025	Sublime Security	BEC/Fraud Credential Phishing Spam Impersonation: Brand Social engineering Content analysis Header analysis Natural Language Understanding Optical Character Recognition Sender analysis	/feeds/core/detection-rules/brand-impersonation-sendgrid-d800124f
Credential theft: Gophish abuse with hidden tracking image	7d ago Nov 5th, 2025	Sublime Security	Spam Evasion Image as content Content analysis HTML analysis	/feeds/core/detection-rules/credential-theft-gophish-abuse-with-hidden-tracking-image-59915ceb
Spam: Mastercard promotional content with image-based body	7d ago Nov 5th, 2025	Sublime Security	Credential Phishing Spam Image as content Impersonation: Brand Social engineering Computer Vision Content analysis Header analysis Natural Language Understanding Optical Character Recognition Sender analysis	/feeds/core/detection-rules/spam-mastercard-promotional-content-with-image-based-body-5f2cb559
Spam: Personalized subject and greetings via Salesforce Marketing Cloud	9d ago Nov 3rd, 2025	Sublime Security	Spam Social engineering Content analysis Header analysis	/feeds/core/detection-rules/spam-personalized-subject-and-greetings-via-salesforce-marketing-cloud-c77f127f
Spam/fraud: Predatory journal/research paper request	9d ago Nov 3rd, 2025	Sublime Security	BEC/Fraud Spam Social engineering Impersonation: Brand Lookalike domain Evasion Natural Language Understanding Content analysis Sender analysis URL analysis Whois	/feeds/core/detection-rules/spamfraud-predatory-journalresearch-paper-request-263ca56b
Spam: Website errors solicitation	13d ago Oct 30th, 2025	Sublime Security	Spam Content analysis Sender analysis Natural Language Understanding	/feeds/core/detection-rules/spam-website-errors-solicitation-122ea794
Spam: SMTP & Proxy Communications in Email Body	14d ago Oct 29th, 2025	Sublime Security	Spam Free email provider Content analysis	/feeds/core/detection-rules/spam-smtp-and-proxy-communications-in-email-body-2bdc6a3b
Spam: Ghostwriting services scam with manipulative language	26d ago Oct 17th, 2025	Sublime Security	Spam Social engineering Content analysis Sender analysis	/feeds/core/detection-rules/spam-ghostwriting-services-scam-with-manipulative-language-b747c3ea
Spam: Cryptocurrency airdrop/giveaway	27d ago Oct 16th, 2025	Sublime Security	Spam Social engineering Impersonation: Brand Content analysis	/feeds/core/detection-rules/spam-cryptocurrency-airdropgiveaway-80a2e2fd
Brand Impersonation: Shein	28d ago Oct 15th, 2025	Sublime Security	Credential Phishing Spam Impersonation: Brand Social engineering Computer Vision Content analysis Header analysis Natural Language Understanding Optical Character Recognition Sender analysis	/feeds/core/detection-rules/brand-impersonation-shein-b5843f22
Spam: Sexually explicit Looker Studio report	1mo ago Oct 2nd, 2025	Sublime Security	Spam Social engineering Free email provider Content analysis Sender analysis	/feeds/core/detection-rules/spam-sexually-explicit-looker-studio-report-f1e649cd
Spam: New job cold outreach from unsolicited sender	1mo ago Sep 29th, 2025	Sublime Security	Spam Content analysis Natural Language Understanding Sender analysis URL analysis	/feeds/core/detection-rules/spam-new-job-cold-outreach-from-unsolicited-sender-ec39b789
Potential prompt injection attack in body HTML	1mo ago Sep 29th, 2025	Sublime Security	Callback Phishing Credential Phishing Extortion Malware/Ransomware Spam BEC/Fraud Evasion Social engineering Header analysis HTML analysis Content analysis	/feeds/core/detection-rules/potential-prompt-injection-attack-in-body-html-5fb24736
Brand impersonation: Vanguard	1mo ago Sep 22nd, 2025	Sublime Security	BEC/Fraud Callback Phishing Credential Phishing Extortion Malware/Ransomware Spam Impersonation: Brand Natural Language Understanding Header analysis Sender analysis	/feeds/core/detection-rules/brand-impersonation-vanguard-3bd048fe
Brand impersonation: Hulu	1mo ago Sep 22nd, 2025	Sublime Security	Credential Phishing Spam Free email provider Impersonation: Brand Lookalike domain Social engineering Computer Vision Header analysis Sender analysis	/feeds/core/detection-rules/brand-impersonation-hulu-6833de58
Suspicious Links to Cloudflare R2 and Edge Services	1mo ago Sep 20th, 2025	Sublime Security	BEC/Fraud Callback Phishing Credential Phishing Extortion Malware/Ransomware Spam Free file host Header analysis Sender analysis URL analysis	/feeds/core/detection-rules/suspicious-links-to-cloudflare-r2-and-edge-services-5dd3e5c8
Reconnaissance: Email address harvesting attempt	2mo ago Sep 5th, 2025	Sublime Security	BEC/Fraud Credential Phishing Spam Free email provider Social engineering Content analysis Header analysis Sender analysis URL analysis	/feeds/core/detection-rules/reconnaissance-email-address-harvesting-attempt-bb31efbc
Spam: Attendee list solicitation	2mo ago Aug 29th, 2025	Sublime Security	Spam Content analysis Sender analysis	/feeds/core/detection-rules/spam-attendee-list-solicitation-69715b62
Link: Romance/Sexual Language With Suspicious Link	2mo ago Aug 22nd, 2025	Sublime Security	Spam Social engineering Content analysis Header analysis URL analysis Whois	/feeds/core/detection-rules/link-romancesexual-language-with-suspicious-link-d5694cae