
Summary
This detection rule identifies phishing messages that hide the targeted recipient's email address, Base64-encoded, in the fragment of a URL. It looks for an inbound message whose subject contains an alphanumeric string of 32 to 64 characters; phishing kits commonly reuse such a string to personalize the malicious link, which makes it look legitimate while keeping the address out of plain view. The logic extracts candidate strings from the subject with a regular expression, checks whether any of them appears in the fragment of a URL in the message body, and then checks whether that fragment is the Base64 encoding of the recipient's email address. The rule is assigned low severity; it targets credential phishing and covers evasion and social-engineering tactics using URL and header analysis.
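The matching logic described above, as an added Python example (this is not the rule's own implementation or the vendor's code): it extracts 32-64 character alphanumeric runs from the subject, collects URL fragments from the body, requires a subject run to appear in a fragment, and fires only when that fragment (or the run inside it) Base64-decodes to the recipient address. The URL regex, the requirement that the subject run be a whole token, the tolerance for the URL-safe alphabet and missing padding, and the sample messages and addresses are assumptions made for this example; `example.com` and `example.net` are documentation domains.

```python
import base64
import binascii
import re
from urllib.parse import urlparse

# Alphanumeric run of 32-64 characters, as described for the subject check.
# The boundary assertions (an assumption) reject runs longer than 64 characters
# instead of matching their first 64.
SUBJECT_TOKEN_RE = re.compile(r"(?<![A-Za-z0-9])[A-Za-z0-9]{32,64}(?![A-Za-z0-9])")
# Crude URL extractor for plain-text bodies (assumption); a production rule
# would walk the parsed links of the message instead.
URL_RE = re.compile(r"https?://[^\s<>\"']+")


def subject_tokens(subject):
    """Return every 32-64 character alphanumeric run in the subject."""
    return SUBJECT_TOKEN_RE.findall(subject)


def url_fragments(body):
    """Return the non-empty fragment (text after '#') of each URL in the body."""
    fragments = []
    for url in URL_RE.findall(body):
        fragment = urlparse(url.rstrip(".,;:)")).fragment  # drop trailing punctuation
        if fragment:
            fragments.append(fragment)
    return fragments


def b64_decodes_to(candidate, recipient):
    """True if candidate is the Base64 encoding of the recipient address.

    Accepts the standard and URL-safe alphabets and restores missing '='
    padding; anything outside the alphabet fails validation and returns False.
    """
    text = candidate.strip().rstrip("=").replace("-", "+").replace("_", "/")
    padded = text + "=" * (-len(text) % 4)
    try:
        decoded = base64.b64decode(padded, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError, ValueError):
        return False
    return decoded.strip().lower() == recipient.strip().lower()


def matches(message):
    """Apply the rule to one message dict with keys type, recipient, subject, body."""
    if message.get("type") != "inbound":
        return False
    tokens = subject_tokens(message.get("subject", ""))
    if not tokens:
        return False
    fragments = url_fragments(message.get("body", ""))
    recipient = message.get("recipient", "")
    for token in tokens:
        for fragment in fragments:
            if token not in fragment:
                continue
            if b64_decodes_to(fragment, recipient) or b64_decodes_to(token, recipient):
                return True
    return False


def encode_recipient(address):
    """What the phishing kit embeds: standard Base64 of the recipient address."""
    return base64.b64encode(address.encode("utf-8")).decode("ascii")


# Constructed sample target and messages (not real mail).
RECIPIENT = "finance.team@example.com"  # 24 chars -> 32 unpadded Base64 chars

PHISH = {
    "type": "inbound",
    "recipient": RECIPIENT,
    "subject": "Action required: review document ZmluYW5jZS50ZWFtQGV4YW1wbGUuY29t",
    "body": "Your mailbox is over quota.\n"
            "Review here: https://docs-review.example.net/login#ZmluYW5jZS50ZWFtQGV4YW1wbGUuY29t",
}

# Legitimate notification: a long hex tracking ID appears in both subject and
# fragment, but it does not decode to the recipient, so the rule stays quiet.
BENIGN = {
    "type": "inbound",
    "recipient": RECIPIENT,
    "subject": "Invoice 4f8c1e2a9b3d4c5e6f7a8b9c0d1e2f3a4b5c6d7e ready",
    "body": "Download: https://billing.example.com/invoice#4f8c1e2a9b3d4c5e6f7a8b9c0d1e2f3a4b5c6d7e",
}

if __name__ == "__main__":
    for name, msg in (("PHISH", PHISH), ("BENIGN", BENIGN)):
        print(name, "->", "ALERT" if matches(msg) else "no match")
```

The BENIGN case is the reason the Base64 step matters: long alphanumeric identifiers in subjects and URL fragments are common in legitimate mail, and only the decode-to-recipient check separates them from a personalized lure. One consequence of a strictly alphanumeric 32-character floor is worth keeping in mind when tuning: Base64 of an n-byte address is 4*ceil(n/3) characters with '=' padding, so an address of 23 characters such as `victim.user@example.com` encodes to 32 characters only with a trailing '=' and the alphanumeric run is 31 characters, below the floor; the check as described therefore requires recipient addresses of at least 24 characters.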
Categories
- Network
- Endpoint
- Web
- Application
- Identity Management
Data Sources
- User Account
- Web Credential
- Network Traffic
- Application Log
Created: 2025-12-12