Tuesday, May 31, 2016

How to get through any SPAM filter Gmail or Outlook - pose as Insurance Broker

Recently I relieved the following email from Cosmos Insurance Brokers LLC that was not caught by Gmail or Outlook SPAM filters. It because this is a click link generator SPAM, so there nothing malicious about the code there just trying to get you to download and open Documents.html to drive traffic to http://michellej.com.br and it mentions Insurance co.  Clearly it did not scan the link.





The text of email message for search engines;

Hello,

Please check the document i shared with you, see the attachment within for your perusal.

Best Regards
Sneha Prasad
 

Medical Insurance Executive

Cosmos Insurance Brokers LLC
Office No.301, Building 1,
Bay Square, Business Bay,
PO Box 33913, Dubai, UAE

Protection is cheaper than cure!!

T:  + 971 4 447 0506 Extn:729
F:   + 971 4 363 1620
Best Regards

E:sneha@cosmosinsurance.com W: www.cosmosinsurance.com -------------------------------------------------
Sharjah Branch: 7/28, above Noor Islamic Bank, Rolla, Boorj Avenue, Sharjah Tel: + 971 6 568 4242 Fax: + 971 6 568 3939/568 23 13
 
STRICTLY PRIVATE AND CONFIDENTIAL: This email may contain confidential and proprietary material for the sole use of the intended recipient.Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.

This in part to do with the payload documents.html really is just a link generator pointing to this site

http://michellej.com.br

Looks like the rise of this sort of SPAM is coming and very hard to detect.

Phishing Email: Gmail Support

A recent phishing email disguised as Gmail Service and has been tagged as SPAM in Gmail so its been addressed with appropriately. This is here for the record, and to reveal the offending URL that this is try to get you to.


Saturday, May 28, 2016

Build Canada 2016 - signup now for June 16

Thursday, May 26, 2016

The Apple Software Update server could not be found.

If you running Apple Software Update version 2.2 and you are getting 

"The Apple Software Update server could not be found. Check your Internet settings and try again." pop-up error.




The following solution might resolve your error.


  1. Navigate to Internet Options - Start ->Control Panel -> Internet Options or search for "Internet Options". In IE choose Tools->Internet options.  This setting is not available in Edge browser. Original IE Internet options still acts as the global Windows internet settings, and was removed in Edge. 


  2. Open the Advanced tab and scroll to Security section.
    Un-check "Do not save encrypted pages to disk"



    3. Click Apply then Okay, and it should resolve you problem.


Explanation of "Do not save encrypted pages to disk" 


Originally in IE 9, this option was an attempt to prevent files like .exe from being download from a secure and encrypted connect designated by HTTPS://......, for example

https://download.microsoft.com/download/B/4/7/B4707E08-AD5E-4A32-BFF0-F3ED6C9C0200/enu/Silverlight5_Tools.exe

In the case of Apple Software Update, it requests a file that needs to run over HTTPS and save IE's temporary folder. This setting will prevent the file from being download and running. 

There is some debate as too the function of this after IE10 and in IE11, but this setting did the job and in IE11. 







Displaying pastedImage.png
Displaying pastedImage.pngDisplaying pastedImage.png

Wednesday, May 25, 2016

How to Embed a PowerPoint deck into a Website 2016

  1. Upload your PowerPoint deck to Microsoft OneDrive for initial upload and open from there.
  2. To open in PowerPoint Online, click and select Open, or left-click to Open in PowerPoint Online

  3.  Naturally you'll want to click the Share with people(1), but the Embed option is not in the resultant window. You can share a link to other people to edit or view.

  4. Work around. You have to click Edit Presentation and choose Edit in Browser

  5. Now to get embed code goto File(1) and click Share(2) and on the Share page choose Embed(3).



  6.  The Embed page will appear with the Generate HTML code. Click Generate button.

  7. Choose the Interaction chevron to display "Use default autoadvance settings from file" to auto play the deck, if you like. This can only be set up in your PowerPoint App/Desktop. To create self-running presentation in PowerPoint refer to this Office Help link .




























    Once you happy with your options, click grab your html from the Embed Code textbox.

8. Result, familiarize yourself with the icons on the bottom "status bar" of the Excel Spreadsheet.


Sunday, May 22, 2016

How to Embed a PDF with full preview into your Website - OneDrive 2016

Microsoft's OneDrive online is constantly evolving, and this is an update to and older 2014 post. Functionality has changed significantly to warrant a new post.

OneDrive allows you to embed entire documents (pdfs, .docx...) in your webpage without leaving your browser. That's right the you can embed entire Office documents including PDFs to be view fully in your webpage, without downloading the document. OneDrive guys really nailed this functionality down! 

A word of caution using PDFs, they are notoriously known to be full of malware, and you may be spreading a virus and don't even know it. I wrote an post on
locking down PDFs as much as possible. But why download a PDF, when you can let your user full preview you PDF online!

This is where Microsoft OneDrive  and Office shines, allowing you to post into your post to host embedded documents.

Let's start, here's How to Embed a PDF in your Website

1. Uploaded your desired PDF to Microsoft's OneDrive, and Select(1) the document and click more icon ... to reveal the additional choices and then click on Embed(2).
   
































OR even simpler right-click on document tile and choose
Embed

2. This will open the Embed fly-out pane to the right. Choose Generate to get HTML embed ode.


3. The embed preview page will now appear in the fly-out pane to the right. It presents a mini-preview how the PDF will appear on your blog. Take note of the active icons in the status line.

Now you can grab the simple embed HTML code from textbox(1), but what's missing is the ability to customize.

Here's where there's an API change from 2016 to 2014, there is no ability for a user to change the width and height of the preview window and the ability to set the Start on Page!

Start on Page
means when you load the PDF, it will start on page number you define! (see below in step 5.)


Setting 1st page to start the PDF on code is not revealed here. Changing width and height is easy enough in code, if you comfortable with HTML.


Tip! For most posts you'll want to set width="100%" to automatically expand to size of your blog page.


But there's a solution, to get detailed embed customization screen click Full Screen icon(2).


4. This will bring you Word Online click(1) ... to reveal and click Embed(2).



















5. Advance Embed Options Screen will now be revealed.

Click the chevron(1) to reveal Interaction options. Why this is hidden by default(?) baffles me.

Now you can choose Start on Page !!!!! and the width, height, etc.







6. Grab Embed Code and paste into your webpage.

7. Below is the preview of PDF used in this post - Working LIVE Demo below



Tip! You can right-click the PDF for zoom factors ! Setting a custom zoom level would be nice!





However, I did notice that it's not obvious in the above embed control how to scroll through pages of the embedded PDF. A nice feature would be able to jump to page x.

8. Add the following Tip Caption to your website.

Embedded Document Tip!  Click in the document to enable; Scrolling by mouse wheel, Page up/Page down or up/down arrow keys; Zoom - right-click  for options


Here's the code for the tip.

Saturday, May 21, 2016

How to Embed an Excel Spreadsheet into a Webpage

  1. Before you upload your Excel file do as much formatting in Excel as possible, online functionality is limited.

    Tip! Presort your table, by column before uploading. Sorting by a column online, was painful.
    Tip! For formatting online make sure your table header text fits into 1 row.

  2. Upload your Excel Spreadsheet to Microsoft OneDrive for initial upload and open from there.



    You can do it from Excel Online interface link provided at bottom left, this just saves you a step and redirects to OneDrive which can mislead you.

    Thereafter, the file will appear in your recent list for easy access.


  3.  To get embed code, you first have to Edit Workbook in

  4. You can do some mild formatting, again editing Excel Online is limited.

    Now to get get embed code you'll want to hit the Share button(1) and click Link to use to embed content and then Show embed instructions(2). Unfortunately, at the time of writing this article this was not working for me. It has been reported on Excel Online Forum.



  5. Now for the workaround. Goto File(1) and click Share(2) and on the Share page choose Embed(3).















  6.  The Embed page will appear. Customize your options.

    Tip! To get the full table to show with totals, I had to select Select a Range(2) and add the create a table reference.

    You can get the reference to your table by copying from Always start with this cell(1) and add the last cell. In image below, this is 'Sheet1'!A1, this will give you sheet name and generally defaults to 1st cell of the sheet. Double check this. Then add the last cell,  'Sheet1'!A1:H9 in this case, and describes a table of width A to H, and height 1 to 9.

    Selecting Table2 in example image below, did not show totals. I selected totals to be show under "Format as Table" office strip but this did not work.

    Once you happy with your options, click grab your Embed Code(3) textbox.




























5. Result, please note the icons on the bottom "status bar" of the Excel Spreadsheet.

View live demo of the above example, in my post Ransomware Heat Map Spring 2016.

6. Lastly, Vote for my Excel Online improvement with the folks at Microsoft. It would help!

If you uncheck "Include a download link", then you should disable "View Full-Size Workbook"(1) icon.

















Vote to prevent your source Excel Worksheet from being download.

Click link below. This improvement then makes this a true Excel viewer!

https://excel.uservoice.com/forums/274580-excel-online/suggestions/13988391--embed-if-you-uncheck-include-a-download-link

Friday, May 20, 2016

Ransomware Heat Map Spring 2016

Ransomware is the new darling of rogueware developers and cyber-criminals, who can pay large amounts to developers because it has proven to be such a good source of money for cyber-criminals. Listen up corporations, pay your IT folks better because talent is being sucked up by the darknet.

There has been a huge increase in the number of ransomeware variants of this type including Cryptowall, CTB-Locker, Teslacrypt, Chimera and now you can Cerber to the list. 
Here's the current Ransomware Heat Map for 1st 3 months of 2016, according to Microsoft.

Image Source: Microsoft Malware Protection Center (image lightened for readability)












The numbers (for above graphic) and listed in article as a basic table that just list ransomeware total counts by country. It was unsavory because the numbers were not in context of actual online internet users by country.

So I created the following Excel file adding population figures by country to get the Ransomware per Internet Users(or Capita) percentage, which is put the Ransomeware Machine Count numbers in greater context.


The embedded Excel file below is revealing. Scrolling to right, and a simple calculation nets ransomware to a be a projected $263,753,000.00 USD for countries listed in 2016.

This is a working (embedded) Excel file using
Microsoft Excel Online excellent share feature!



Conclusions 

Italy has the highest ransomware infection rate per active internet users(capita), followed by Canada and then United States.
  1. Italy wins 1st prize for most gullible country award, or least protected. Capisci!
  2. Canada is 2nd most gullible country for ransomware, or least protected, eh!
  3. USA is 3rd most gullible country for ransomware. What??
The results do defy some standard held beliefs that North America are the most technological savvy internet users.

Sources
https://blogs.technet.microsoft.com/mmpc/2016/05/18/the-5ws-and-1h-of-ransomware/
http://www.internetworldstats.com/

Recent Ransomware Threats 

Chimera Ransomware

Recently, one more joined this set are malware encrypting user’s private files and demanding ransom for decrypting it is Chimera is one is command and control mechanism uses a peer-to-peer messaging system called Bitmessage, a good piece of engineering, but in the wrong hands.  
  • Bitmessage is a P2P communications protocol used to send encrypted messages to another person or to many subscribers. It is decentralized and trustless, meaning that you need-not inherently trust any entities like root certificate authorities. It uses strong authentication which means that the sender of a message cannot be spoofed, and it aims to hide "non-content" data, like the sender and receiver of messages, from passive eavesdroppers like those running warrantless wiretapping programs. If Bitmessage is completely new to you, you may wish to start by reading the whitepaper
Inner workings of Chimera
https://blog.malwarebytes.org/threat-analysis/2015/12/inside-chimera-ransomware-the-first-doxingware-in-wild/

Cerber Ransomware


When you computer is infected with Cerber a victim's data files will be encrypted using AES encryption and will be told they need to pay a ransom of 1.24 bitcoins or ~500 USD to get their files back. Unfortunately, at this point there is no known way to decrypt a victim's encrypted files for free! That's why you need to be concerned.

Here's How Cerber Works in detail
https://blog.malwarebytes.org/threat-analysis/2016/03/cerber-ransomware-new-but-mature/

Tuesday, May 10, 2016

PayPal Free Shipping Refund Launched good from April 14, 2015 through January 31, 2017

PayPal Free Shipping Refund 


This no fee service is good for people that want to shop online without having to worry about the burden of their return shipping costs. 

You have 14 calendar days to submit the refund claim from the date the item is returned to the merchant. You are eligible to receive up to 10 Refunds in a given calendar year (e.g. the calendar year ending December 31, 2015) up to $30. 

There is a cap per Refund request of $30. Only one refund is allowed per PayPal transaction ID. If you return several copies of the same item, from the same transaction, at once, that will be considered as a single return which will be subject to the applicable refund cap.

Effective from April 14, 2015 through January 31, 2017

HOW IT WORKS



1. Return your item

Return the item directly to the seller following their return instructions. Remember to keep a copy of your return shipping receipt.

2. Submit a refund request

Visit the claim portal and fill in the online form. Add your purchase and return shipping receipts to the form. Click submit and request your refund.

3. Receive your refund

You’ll see a refund of up to $30 in your PayPal balance within 10 days for all approved claims.