Metadata Consulting [dot] ca - Award Winning Software Blog

Thursday, April 16, 2020

Tuesday, April 14, 2020

MS Edge v84 pasting in Gmail and Blogger not working

Recently as of April 10th 2020, I have been trying to paste text into Gmail and Blogger and its been blocked. Pasting (CTRL-V) has been blocked using Microsoft's Edge in Google properties. Specifically, I have been using MS Edge Version 84.0.484.0 (Official build) canary (64-bit).

I find after composing/revisiting 3 emails in Gmail, the paste function fails.

This does work in Chrome and Firefox and MS Edge version 81.0.416.53.

Keyboard Testing tool indicates Paste key used, CNTRL and V

All of the sites that Gmail uses have been added to

Added all exceptions to Gmail and Blogger sites, but still not working.

Even if I turn off all Tracking prevention, pasting still does not work.

There are huge number of JavaScript errors in this page, as well in Chrome.

Adding the domains (in error/that are red) to exception tracking of MS Edge did not work.

Friday, April 10, 2020

Sextortion Phishing Email with Pawned Password

For the record, old sextortion phishing email attempt that is recently going around.
They typically use pawned passwords for greater effect, but these records are old and generally not current. BUT if you do not change your password yearly, you could be in trouble. Note: Current min password length is 20 characters long.

Check if you have a user id and password that has been hacked - here.

What to do? Report them, goto bottom of page.

From : Cinda Katz <lxharwilllnni@outlook.com>

Subject : USERNAME : PASSWORD - FROM OLD PAWNED DATABASE

I’m aware that is your password,” reads the salutation.

You don’t know me and you’re thinking why you received this e mail, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).

What should you do?

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).

BTC Address: 1Dvd7Wb72JBTbAcfTrxSJCZZuf4tsT8V72

(It is cAsE sensitive, so copy and paste it)

Important:

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.

How to tell this is a Phishing email ?

Check email address in full, if it's not from originating company then it's phishing.
Hover over all links in email, if it's not from the company's website then forget it.
The best way is to look at message source, see below.