Targeting: Specific AOL address

calendar Mar 31, 2026  ยท
Share on: linkedin copy

Message targeting a specific AOL address (me@aol.com) with a single recipient.

Sublime rule (View on GitHub)

 1name: "Targeting: Specific AOL address"
 2description: "Message targeting a specific AOL address (me@aol.com) with a single recipient."
 3type: "rule"
 4severity: "medium"
 5source: |
 6  type.inbound
 7  and length(recipients.to) == 1
 8  and recipients.to[0].email.email == "me@aol.com"  
 9
10attack_types:
11  - "Spam"
12tactics_and_techniques:
13  - "Social engineering"
14detection_methods:
15  - "Header analysis"
16id: "c10dfad4-a040-5969-8659-e9c62ade0dc7"
to-top