Wednesday, May 31, 2023

American Home Warranty phishing email with subject Home Warranty Repair and Replacement Coverage

For the record, this is an American Home Warranty phishing email attempt that is recently going around, with subject "Home Warranty Repair and Replacement Coverage. $50 Off. Limited Time."

What to do?  Report them, goto bottom of page. 


From : americanhomewarranty.net <classes@strepidemical.com>
Subject : 
 Home Warranty Repair and Replacement Coverage. $50 Off. Limited Time.

                       






PHISHING LINKs;


1. 
http://strepidemical.com/?xxxxxxxxxxxxx

How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the  company's website then forget it.
  3. The best way is to 

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from apple.com.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (down-arrow to top right)->Report Phishing 

Report Phishing

If you have received this email take it further at 

  1. https://www.google.com/safebrowsing/report_phish/


Report phishing at Microsoft and subsequently government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx
  2. Report Phishing Sites | CISA
  3. Home - Canada's Anti-Spam Legislation (fightspam.gc.ca)

Monday, May 29, 2023

Windows Rename Multiple Files and Folders with Regex - Alternative

PowerRename is a new tool that allows you a bulk rename and modify a large number of filenames. It's part of the Microsoft PowerToys is a set of utilities for power users to tune and streamline their Windows experience for greater productivity. 

However, PowerRename does not work on Windows  7, so I was on a quest to find a tool that was open source and could work on Windows 7 and above.

Top Solution To Rename Files and Folders on Windows

StExBar: The ultimate tool for Windows Explorer is open source and fully supports regular expressions with replacements. This is written in C and is incredibly fast. Runs on Windows 7 and up. Stefans Tools is well maintained and been around for years. See my post on the best regex tester application, it will blow you away. 

In image below, we are using regular expression: 

(\d*)_(.*)

to rename folders from 100_Project to 100Project (removing underscore), 

with replacement groups: $1$2




Install

Download and install x64 bit of StExBar - Stefans Tools (stefankueng.com)

Goto View->Toolbars->StExBar to show Stephan's Explorer Bar 

Open Source

https://github.com/stefankueng/tools/tree/main


Sunday, May 28, 2023

Windows Rename Multiple Files and Folders with Regex - Powerrename Alternative

PowerRename is a new tool that allows you a bulk rename and modify a large number of filenames. It's part of the Microsoft PowerToys is a set of utilities for power users to tune and streamline their Windows experience for greater productivity. 

However, PowerRename does not work for Windows 7 so I was on a quest to find a tool that was open source and could work on Windows 7 and above.

Solution To Rename Files and Folders on Windows

Métamorphose File and Folder Renamer is open source and supports regular expressions. This is written in python and is incredibly fast. Runs on Windows 7 and up. 

In example below, we are choosing DIR (for directories to be renamed) and
regular expression : \s|_|\. to remove spaces, underscores and periods from folder names.



Install

https://sourceforge.net/projects/file-folder-ren/ 

Use download button and unzip into a folder, run metamorphose.exe. Ignore the errors.  The installer is broken. 

Open Source

https://github.com/metamorphose

Enhancement Request

Enhancement request to enable regex matched groups such as $1, to be used in the "Replacement with (blank to delete)" field as a replacement value. 

Change Request - Enable Regex Groups in the replacement / rename field · Issue #8 · timinaust/metamorphose2 (github.com)


Update - Better Choice
Metadata Consulting [dot] ca: Windows Rename Multiple Files and Folders with Regex - Alternative

Saturday, May 27, 2023

Ancient Egyptian Ritual 10inch Monster Cocks phishing email with subject Male Breakthrough

For the record, this is a Ancient Egyptian Ritual 10inch Monster Cocks phishing email attempt that is recently going around, with subject "Male Breakthrough"

What to do?  Report them, goto bottom of page. 


From : MEN ONLY <admin@1placeonline.com>
Subject : 
 Male Breakthrough

                       




PHISHING LINKs;


1. 
http://mpoten.store/?xxxxxxxxxxxxx

How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the  company's website then forget it.
  3. The best way is to 

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from apple.com.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (down-arrow to top right)->Report Phishing 

Report Phishing

If you have received this email take it further at 

  1. https://www.google.com/safebrowsing/report_phish/


Report phishing at Microsoft and subsequently government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx
  2. Report Phishing Sites | CISA
  3. Home - Canada's Anti-Spam Legislation (fightspam.gc.ca)

eHarmony phishing email with subject Love has bloomed. Find your person this spring.

For the record, this is a eHarmony phishing email attempt that is recently going around, with subject " Love has bloomed. Find your person this spring."

What to do?  Report them, goto bottom of page. 


From : eharmony Partner Now <classes@tinhkhiet.com>
Subject : 
  Love has bloomed. Find your person this spring.

                       




PHISHING LINKs;


1. 
https://tinhkhiet.com/xxxxxxxxxxxxx...

How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the  company's website then forget it.
  3. The best way is to 

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from apple.com.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (down-arrow to top right)->Report Phishing 

Report Phishing

If you have received this email take it further at 

  1. https://www.google.com/safebrowsing/report_phish/


Report phishing at Microsoft and subsequently government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx
  2. Report Phishing Sites | CISA
  3. Home - Canada's Anti-Spam Legislation (fightspam.gc.ca)

Thursday, May 25, 2023

The Top Regular Expression Testing App for 2023

The Top Regular Expression Testing App for 2023

Top Pick - Netspresso Lite because it is the only regular expression (regex) testing application that application that highlights replacements, not just matches.  

Netspresso Lite App

Features

  • Save regular expression project
  • Generates a node for each match
  • Each node expands to subgroups 
  • Locates each matches and subgroups in input test data
  • Generated a node for each replacement
  • Locates each replacement and subgroups in live generated replaced input test data and sub-groups, www 1st 
  • .NET code generation for match groups, Regex.Replace and Regex.Split.
  • .NET Language Regex Supported 








Matches are highlighted in node tree - explained

Netspresso Lite highlights named regular expressions 

(?<Month>\d{1.2})

see screen capture in the Regular Expression field.

In screen capture below Match Nodes are accessed in light green area, Replacement Nodes are accessed in the cyan (light blue) area


Clicking each match highlights and locates the match in the Test Input Data!

Netspresso Lites creates an expandable node tree for matches (named or number) and replacements.



That means each match appears as a node number, 1. "12/25/02" above there are 4 matches found.

Within each match you expand it to get the details of each match. 

Each match is broken down into subgroups of the match. Subgroup are delineated by parenthesis () in the regular expression,  (?<Month>\d{1.2}). 

Each subgroup match group is a number followed by value 
or name group, 1 Month: "12" - Month named group matched yields value 12. 


Likewise, replacements are highlighted - explained

Click on a node and it will locate and highlight it in the replacement test data! 





In image above, the replacement 3 1.$3 'Year': "02", means the 3rd item is matched only once, and with subgroup $3, named 'Year' with replacement value "02 ". In screen capture above, the group is located in the rendered replacement input test data. 



Where can I get it?

Netspresso Lite is one of 20 power tools available in Clipboard Plaintext PowerTool
The only tool to expand and explains regex matches and substitutions, another world wide 1st.

Wednesday, May 24, 2023

Meet Ukranian Women phishing email with subject Enjoy with me

For the record, this is a Meet Ukranian Women phishing email attempt that is recently going around, with subject "Enjoy with me"

What to do?  Report them, goto bottom of page. 


From : From Larysa <h4A1TeWcpa1S@farrelwebsite.my.id>
Subject : 
 Re: Enjoy with me!

                       


PHISHING LINKs;


1. 
http://satoshipink.africa/?xxxxxxxxxxxxx

How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the  company's website then forget it.
  3. The best way is to 

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from apple.com.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (down-arrow to top right)->Report Phishing 

Report Phishing

If you have received this email take it further at 

  1. https://www.google.com/safebrowsing/report_phish/


Report phishing at Microsoft and subsequently government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx
  2. Report Phishing Sites | CISA
  3. Home - Canada's Anti-Spam Legislation (fightspam.gc.ca)

Monday, May 22, 2023

Malicious Exploits has hit VSCode Extensions Marketplace

Even innocuous items like themes are under threat by malware writers. Theme Dracula dark, not to be confused with Dark-Dracula Theme and 4986 others, is one such theme infected by malware and pointed out by CheckPoint. Removed by Microsoft, but now what extensions can you trust?  Same old opens source problem, you pay for what you get.


Source Article : VSCode Security: Malicious Extensions Detected- More Than 45,000 Downloads- PII Exposed, and Backdoors Enabled - Check Point Blog

Saturday, May 20, 2023

Walmart phishing email with subject FW $500 Giftcard

For the record, this is a Walmart phishing email attempt that is recently going around, with subject "Giftcard"

What to do?  Report them, goto bottom of page. 


From : _Walmart_ <business.accountsgxNIQBn6lcO6@icumed.com>
Subject : 
 FW Giftcard

                       





PHISHING LINKs;


1. 
http://robotcooking.info/?xxxxxxxx....

How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the  company's website then forget it.
  3. The best way is to 

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from apple.com.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (down-arrow to top right)->Report Phishing 

Report Phishing

If you have received this email take it further at 

  1. https://www.google.com/safebrowsing/report_phish/


Report phishing at Microsoft and subsequently government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx
  2. Report Phishing Sites | CISA
  3. Home - Canada's Anti-Spam Legislation (fightspam.gc.ca)

Wednesday, May 10, 2023

iCloud phishing email with subject Re: Your Cloud storage might be full

For the record, this is a iCloud phishing email attempt that is recently going around, with subject "Re: Your Cloud storage might be full"

What to do?  Report them, goto bottom of page. 


From : Cloud Storage <warehouse@stem.net.nz>
Subject : 
 Re: Your Cloud storage might be full

                       




PHISHING LINKs;


1. 
http://everasolutions.store/?xxxxxxxxxxxxx

How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the  company's website then forget it.
  3. The best way is to 

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from apple.com.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (down-arrow to top right)->Report Phishing 

Report Phishing

If you have received this email take it further at 

  1. https://www.google.com/safebrowsing/report_phish/


Report phishing at Microsoft and subsequently government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx
  2. Report Phishing Sites | CISA
  3. Home - Canada's Anti-Spam Legislation (fightspam.gc.ca)