Skip to content

New rule (Spam): Mastercard promotional content #3416

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Nov 5, 2025
Merged

New rule (Spam): Mastercard promotional content #3416

merged 3 commits into from
Nov 5, 2025

Conversation

@aidenmitchell
Copy link
Member

@aidenmitchell aidenmitchell commented Oct 17, 2025

Description

Detects messages promoting untrustworthy Mastercard credit cards that contain both financial communications and promotional content topics, with the message body primarily consisting of image content rather than text. Excludes legitimate payment-related Mastercard communications and applies additional scrutiny to high-trust sender domains that fail DMARC authentication.

Associated samples

@aidenmitchell
New rule (Spam): Mastercard promotional content
cee77c6 
This rule detects spam messages promoting untrustworthy Mastercard credit cards, focusing on messages with image-based content. It applies additional scrutiny to high-trust sender domains that fail DMARC authentication.
@aidenmitchell aidenmitchell requested a review from a team as a code owner October 17, 2025 17:03
@github-actions github-actions bot added the in-test-rules PR is in our testing suite to collect telemetry label Oct 17, 2025
github-actions bot added a commit that referenced this pull request Oct 17, 2025
@github-actions
[PR #3416] added rule: Spam: Mastercard promotional content with imag…
685f474 
…e-based body
@aidenmitchell
Copy link
Member Author

aidenmitchell commented Nov 3, 2025

Latest hunt looks good: https://platform.sublime.security/messages/hunt?huntId=019a4ae6-f63a-7048-ad2b-9c8fb4640e8e

@aidenmitchell aidenmitchell added the review-needed Indicates that a PR is waiting for review label Nov 3, 2025
github-actions bot added a commit that referenced this pull request Nov 3, 2025
@github-actions
[PR #3416] modified rule: Spam: Mastercard promotional content with i…
a6d6dcc 
…mage-based body
@aidenmitchell aidenmitchell added this pull request to the merge queue Nov 5, 2025
Merged via the queue into main with commit d36b5db Nov 5, 2025
3 checks passed
@aidenmitchell aidenmitchell deleted the aiden.new.mastercardspam branch November 5, 2025 17:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zoomequipd zoomequipd zoomequipd approved these changes

Assignees

No one assigned

Labels

in-test-rules PR is in our testing suite to collect telemetry review-needed Indicates that a PR is waiting for review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aidenmitchell @zoomequipd