You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
name: "Spam: Mastercard promotional content with image-based body"
2
+
description: "Detects messages promoting untrustworthy Mastercard credit cards that contain both financial communications and promotional content topics, with the message body primarily consisting of image content rather than text. Excludes legitimate payment-related Mastercard communications and applies additional scrutiny to high-trust sender domains that fail DMARC authentication."
3
+
type: "rule"
4
+
severity: "low"
5
+
source: |
6
+
type.inbound
7
+
and any(ml.nlu_classifier(beta.ocr(file.message_screenshot()).text).topics,
8
+
.name == "Financial Communications"
9
+
)
10
+
and any(ml.nlu_classifier(beta.ocr(file.message_screenshot()).text).topics,
11
+
.name == "Advertising and Promotions"
12
+
)
13
+
14
+
// mastercard mention
15
+
and strings.icontains(beta.ocr(file.message_screenshot()).text, "mastercard")
16
+
and not strings.icontains(beta.ocr(file.message_screenshot()).text,
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&size=40){kind=avatar}
0 commit comments