Detection Method: URL analysis

URL analysis scans links in emails, attachments, or embedded content to find malicious destinations aimed at stealing your credentials, delivering malware, or launching other types of attacks. This method looks at key factors like the structure of the URL, redirection paths, domain reputation, and what the link shows when clicked.
URL analysis can help you detect:
  • Phishing sites pretending to be trusted login pages
  • Malicious domains hidden through URL shorteners or redirects
  • Login forms on suspicious or newly registered domains
  • Brand impersonation using slight domain tweaks (typosquatting or homograph attacks)
  • Suspicious URLs with weird characters or unusual patterns
For example, attackers often use redirect chains to hide their final destination from security scanners. With URL analysis, we can follow these redirects to reveal the true destination and assess the potential threat.
Rule Name & Severity
Last Updated
Author
Types, Tactics & Capabilities
Link: Free file host link with 'Important Viewing Note' lure
19h ago
Jul 15th, 2026
Sublime Security
Link: Multistage landing - Abused Adobe Acrobat hosted PDF
2d ago
Jul 14th, 2026
Sublime Security
Link: Fraudulent state business filing notice
2d ago
Jul 14th, 2026
Sublime Security
Open redirect: Diesel.az
2d ago
Jul 14th, 2026
Sublime Security
Link: Self-sender with IP geolocation check and suspicious link behavior
2d ago
Jul 14th, 2026
Sublime Security
Service abuse: Microsoft Forms Pro with suspicious links or QR codes
2d ago
Jul 14th, 2026
Sublime Security
Brand impersonation: Government / Tax Authority document lure
2d ago
Jul 14th, 2026
Sublime Security
Service abuse: Notion free-tier account impersonating VIP
2d ago
Jul 14th, 2026
Sublime Security
Malformed URL prefix
2d ago
Jul 14th, 2026
Sublime Security
Credential phishing: Blue button styled link with file-sharing template artifacts
8d ago
Jul 8th, 2026
Sublime Security
Service abuse: SurveyMonkey with suspicious outbound links
8d ago
Jul 8th, 2026
Sublime Security
Zoom Events newsletter abuse
8d ago
Jul 8th, 2026
Sublime Security
Suspicious Office 365 app authorization (OAuth) link
14d ago
Jul 2nd, 2026
Sublime Security
Open redirect: JustPaste.it
14d ago
Jul 2nd, 2026
Sublime Security
Spam: Fake photo share
15d ago
Jul 1st, 2026
Sublime Security
Attachment: Romance scam with image lure and advance-fee or suspicious link indicators
15d ago
Jul 1st, 2026
Sublime Security
Credential phishing: Onedrive impersonation
16d ago
Jun 30th, 2026
Sublime Security
Link: Google Cloud Storage link with index.php in URL
16d ago
Jun 30th, 2026
Sublime Security
Link: Google Cloud Storage redirect to external domain
16d ago
Jun 30th, 2026
Sublime Security
Link: Google Cloud Storage with short-path link delivery
16d ago
Jun 30th, 2026
Sublime Security