Attack Type: Spam

Spam refers to bulk, unsolicited messages, often promoting questionable offers, fake opportunities, or irrelevant content you never asked for. These messages typically ignore basic rules around consent and use shady tactics to sneak past filters, like misspelled words (“W1NNER,” “FREEBlE”) or fake brand names that look close to the real thing (“L0WES,” “C0STC0”).
You’ve probably seen examples: work-from-home schemes with unrealistic pay, miracle health products, SEO pitches warning about your website, or companies pushing “verified” contact lists. Some spam even pretends to be part of an ongoing thread by adding fake “RE:” or “FWD:” subject lines.
Even when the emails look polished or pass authentication checks, they’re often filled with misleading claims, fake urgency, or vague references to prior contact. While not always malicious, spam clutters inboxes, wastes time, and occasionally serves as a delivery method for more serious threats.
Rule Name & Severity
Last Updated
Author
Types, Tactics & Capabilities
Spam: Website errors solicitation
10d ago
Jul 6th, 2026
Sublime Security
Spam: Fake photo share
15d ago
Jul 1st, 2026
Sublime Security
Attachment: Romance scam with image lure and advance-fee or suspicious link indicators
15d ago
Jul 1st, 2026
Sublime Security
Link: Google Cloud Storage redirect to external domain
16d ago
Jun 30th, 2026
Sublime Security
Link: Google Cloud Storage with short-path link delivery
16d ago
Jun 30th, 2026
Sublime Security
Link: Suspicious single-domain link with suspicious path and financial lure indicators
20d ago
Jun 26th, 2026
Sublime Security
Body: Invisible Unicode obfuscation student loan callback phishing
21d ago
Jun 25th, 2026
Sublime Security
Service abuse: Google Firebase sender address with suspicious content
28d ago
Jun 18th, 2026
Sublime Security
Link: Romance/Sexual Language With Suspicious Link
29d ago
Jun 17th, 2026
Sublime Security
Fake thread with suspicious indicators
29d ago
Jun 17th, 2026
Sublime Security
Link: Observed URL pattern with specific domain registrar
1mo ago
Jun 12th, 2026
Sublime Security
Spam: BlackBaud infrastructure abuse
1mo ago
Jun 5th, 2026
Sublime Security
Spam: Default Microsoft Exchange Online sender domain (onmicrosoft.com)
1mo ago
Jun 5th, 2026
Sublime Security
Spam: Single recipient duplicated in cc
1mo ago
Jun 5th, 2026
Sublime Security
Service abuse: Microsoft with suspicious indicators in subject
1mo ago
May 19th, 2026
Sublime Security
Service abuse: Demio notifications with suspicious content patterns
2mo ago
May 11th, 2026
Sublime Security
Service Abuse: Zoom with freemail reply-to and recipient address in greeting
2mo ago
May 6th, 2026
Sublime Security
Service abuse: Zoom with newly registered reply-to domain
2mo ago
May 4th, 2026
Sublime Security
Attachment: Calendar invite with suspicious link leading to an open redirect
2mo ago
Apr 28th, 2026
Sublime Security
Link: Google Calendar invite linking to an open redirect from an untrusted freemail sender
2mo ago
Apr 28th, 2026
Sublime Security