
Commit 58e6c1c

[PR #3035] modified rule: Scam: Piano Giveaway
1 parent 48b2b67 commit 58e6c1c


1 file changed

+11
-6
lines changed

1 file changed

+11
-6
lines changed

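--- a/detection-rules/3035_scam_piano.yml
+++ b/detection-rules/3035_scam_piano.yml
@@ -65,7 +65,9 @@ source: |
 '* had a passion for music*',
 '* appreciates music*',
 "* special piece*",
-"* a lot of meaning*"
+"* a lot of meaning*",
+"* profound sentimental*",
+'* will cherish*'
 )
 )
 and (
@@ -84,7 +86,8 @@ source: |
 '* indicate your interest *',
 '* to someone you know *',
 '* know someone who *',
-'* someone you know would *'
+'* someone you know would *',
+'* someone who will *'
 )
 or regex.icontains(body.current_thread.text,
 'if you[^\r\n]{0,20}(?:(?:might|will|would) be|are)[^\r\n]{0,20}interested',
@@ -177,7 +180,9 @@ source: |
 '* had a passion for music*',
 '* appreciates music*',
 "* special piece*",
-"* a lot of meaning*"
+"* a lot of meaning*",
+"* profound sentimental*",
+'* will cherish*'
 )
 )
 and (
@@ -195,7 +200,8 @@ source: |
 '* indicate your interest *',
 '* to someone you know *',
 '* know someone who *',
-'* someone you know would *'
+'* someone you know would *',
+'* someone who will *'
 )
 or regex.icontains(file.parse_text(.).text,
 'if you[^\r\n]{0,20}(?:(?:might|will|would) be|are)[^\r\n]{0,20}interested',
@@ -240,7 +246,6 @@ source: |
 )
 // person provides piano lessons and offers to give a Roland baby-grand away
 and not sender.email.domain.root_domain == 'ridleyacademy.com'
-
 attack_types:
 - "BEC/Fraud"
 tactics_and_techniques:
@@ -252,4 +257,4 @@ detection_methods:
 id: "23e1ab26-3449-5907-ab19-650797e9c12d"
 og_id: "1a91a203-b1fe-52b7-9f71-cecdbf5cdce0"
 testing_pr: 3035
-testing_sha: af7640680da35aa0d1f3ad7728f1db48febed384
+testing_sha: 9861dd2f8ac484f8407560ac0b28725f1046d641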
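Review bot: The new `'* someone who will *'` entry, added to the body-text list at new line 90 and again to the attachment-text list at new line 204, is everyday phrasing that turns up in plenty of legitimate mail. The function call and the other conditions that constrain these lists start outside the hunks, so the false-positive cost cannot be judged from the diff alone; backtest the rule against benign traffic before relying on it. It would help to record the dependency next to the entry, for example `// generic phrase; only useful in combination with the other conditions of this rule`. The added patterns also require a literal space around the phrase (`'* will cherish*'` needs one before "will"), so the same wording at the start of a line or wrapped across a line break would presumably not match; confirm that is intended. The two lists are maintained by hand in parallel, which this commit keeps in sync but which is easy to let drift.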
