11 Sep 2020

MacroExpress Magically Automates Large and Small Tasks

MacroExpress is an application that has been on every Windows computer I've used since sometime in the late 1990s. It's one of those rare applications that I consider to be absolutely essential.

At its most simple, MacroExpress replaces one set of keystrokes with another. For example, I created a text file when I started compiling the information for this segment of the program. My procedure for naming files is to start with a name and follow that with the date I started working on the report. So the file's name is MacroExpress-2020-08-17.txt.

Instead of having to type "2020-08-17", I type two periods followed by "dfd". The first "d" means "date" and "fd" means "file date". The letters could be anything I choose, but I have several date and time macros to serve different purposes:

• dfd: 2020-08-17 - The date as YYYY-MM-DD. This format is one I use frequently because it allows dates to sort in order without any difficult character manipulation.
• ddtm: 17 August 2020 at 9:29:18 - The date and time written in the format I prefer.
• ddte: 17 Aug 2020 - Only the date.
• dts1: 9:30:16 - A timestamp that includes hours, minutes, and seconds.
• dts2: 9:30 - A timestamp that includes only hours and minutes.

All of the time information uses a 24-hour clock.

Trivial? You bet, but I need to type the date, the time, or both several times a day. The macro ensures that I'll get both the date and the time right and without having to refer to a calendar or clock, that I'll always use the same format to type the values, and that I won't commit a typo.

If you use Facebook, you've probably seen phony ads for expensive Ray-Ban sunglasses at impossibly low prices. They are counterfeits, of course, and they are shoddy.

The fake ads are posted most frequently when someone's Facebook account has been compromised, but some people see the phony ads and repost them, thinking that they're doing someone a favor.

So I have a little macro that says the poster's account may have been taken over by crooks. It includes links to Facebook's page that explains what do do if your account has been stolen, but it also includes a link that explains the fake Ray-Ban ads if the user posted the scam negligently.

I created the macro using the assembler function in which the user simply selects (1) actions from a list of possible options and then (2) edits properties of the action.

When responding to a Facebook post that has the scam ad, all I need to do is (3) type two periods followed by "rayban" to insert the full message with links to two different resources. Typing this manually would take several minutes because I would have to look up the addresses, copy and paste them, and compose the message. Using MacroExpress reduces the time require to about two seconds.

Here's another time-saving example: Two periods followed by "tbwwdir" types this "D:\WEBSITES-Dev\TechByter.com\_development_NO_UPLOAD\TechByter pending". When I'm exporting screen shots from SnagIt for use on the website, I need to specify the directory the files should be copied to. Typing seven letters is a lot easier than typing 71 letters and characters. It's also guaranteed to be accurate every time.

Insight Software has four offerings: ShortKeys, Keyboard Express, MacroExpress, and MacroExpress Pro. I'm using MacroExpress Pro to describe the operation and each of the versions has varying lists of features. Most of the time I could get by with nothing more than ShortKeys, but occasionally I need features that are available only in MacroExpress Pro.

I've mentioned typing two periods before typing the shortkey word. This is something that the user chooses. By default, MacroExpress uses two backslashes (\\), but I prefer two periods (..). Some users set the shortkey prefix as a single period, but I consider that unwise. Using a single period could cause a macro to trigger unexpectedly if the user types a file extension that's being used as a shortkey value: .exe, .txt, and .xml are examples.

It's also possible to specify that the shortkey indicator should be used as a suffix ("greets.." instead of "..greets"). Also by default the shortkey and its prefix or suffix are removed when MacroExpress replaces the text. If you need to keep the shortkey in addition to the text, you can do that.

In other words, the program can be configured to work exactly the way you want it to work.

Creating Macros

MacroExpress offers several ways to create macros: It can record your keystrokes and mouse movements, you can use a macro assembler to pick actions from a list, and you can even edit the macro scripts direct once you've learned the language. First-time users will appreciate the Wizard.

To use the Wizard, click the Wizard button and work through a series of screens to create the macro. Once created, the macro can be modified in the macro assembler view or in the script editor view.

Here's how it works.

1. The Wizard's first screen determines what you want the macro to do: Create a reminder, or type text or other data; send email, load a web page, or map a disk drive; play a sound or video, or adjust volume; work with programs, windows, files, or folders, or reboot or shut down the computer. I'll choose the first option.
2. The Wizard's next screen determines whether I want to create a reminder, paste text or graphics, type the date or time, type a symbol, or enter some text. I have a pet spider that lives in a corner of the bathroom. We have some moths and I haven't been able to determine where they're coming from. The spider likes to eat them, so I bid the spider a good morning each day. I also took its picture and thought that I might occasionally like to share it, so I selected the option to paste text or graphics.
3. The next screen simply sets the user's expectations for what can be accomplished with the macro.
4. The next three options are to paste in text that will be entered in MacroExpress, paste in text from a file, or paste in a graphic image. I selected the image option.
5. MacroExpress asked me to specify the location of the graphic. I used the button to search for the image, which is D:\_TEMP\Spider_MG_3660-BB.jpg.
6. A macro can be activated in many ways. The most common are a hotkey (Ctrl-Alt-Shift-S), a shortkey (two periods followed by "spider"), on a schedule, based on the title of an active window, and many others -- nearly a dozen in all. I selected the shortkey method.
7. Because I specified the shortkey method to activate the macro, I was asked to specify the word I would use. I selected "spider".
8. Macros can be global (they will work at any time and in any application) or limited so that it will work only in specific programs. I selected global.
9. The user is asked to specify a name. This isn't essential, but it makes the process of finding the macro later if you want to edit it or delete it easier. It's also possible to specify an icon for this macro. Clicking Finish saves that macro and makes it ready for use.

Now, if I compose an email and want to include a photo of my pet spider, I type "..spider". Then MacroExpress removes "..spider" and pastes in the photo.

A Complex Macro with a Silly Purpose

Although I usually create and edit macros using the macro assembler to pick items from lists and then modify their properties, it is possible to create or edit macros in the application's edit mode or even to edit in a text editor such as UltraEdit Studio.

A decade or more ago I created a macro for fun at the office. The macro first determines what day it is (Monday through Friday) and whether the time is before noon or after noon.

Once that's been determined, MacroExpress writes some text. I used it to respond immediately to co-workers who sent an instant message. If I typed two periods followed by "greets" on a Monday morning, this would be the result: "Greetings" in a variety of languages. On Friday afternoon, the response would be "Happy Friday afternoon!" with translations into another batch of languages.

I had used Google's translate function to create messages in several languages and the macro had ten possible responses, from Monday morning through Friday afternoon.

Then I decided that I'd like to use the macro on Saturday and Sunday, too. I could have used the macro assembler to add more branches and labels, but thought that it would be faster to use the MacroExpress editor. Actually, I copied the script from the MacroExpress editor to UltraEdit studio because that provided color coding that's handy.

I made the appropriate changes, pasted the code back into MacroExpress and found that I'd made only one error, twice. The error was obvious and easily corrected so updating the macro to cover 14 possibilities (Monday morning through Sunday afternoon) took only a few moments.

Perhaps someday I'll expand the macro to cover 21 possibilities: Morning, afternoon, and evening for each of the seven days. But probably not.

Sizes for Mama Bear, Papa Bear, Baby Bear, and Teenage Bear

Insight Software has typically released the previous Pro version at a lower price when a new version is released, so now the previous Macro Express 5 Pro is named Macro Express and is being sold for $50, which is $20 less than the cost of the pro version. But there's also Keyboard Express for $35 and ShortKeys for $30. Which is right for you?

The MacroExpress page compares the applications, but briefly:

• ShortKeys is primarily a text replacement tool. Those who have the need to type repetitive information will benefit from installing ShortKeys.
• Keyboard Express adds the ability to watch what the user does and record the actions as a macro, the ability to schedule a macro for playback, and basic program control logic such as looping structures.
• MacroExpress adds many more programming tools, such as variables, string manipulation, error handling, optional password protection, the ability to create macros that call other macros, and links directly to the Windows interface.
• MacroExpress Pro includes tools for macro developers, and functions that can respond to system events, access the Windows clipboard, run multiple macros concurrently, and additional Boolean and date/time variables.

 Macros save time and reduce errors

Any repetitive task is a candidate for a macros. Those who need nothing more than simple text replacement will find the inexpensive ShortKeys can handle their needs. For more complicated needs, Insight Software offers three other applications, including MacroExpress Pro that can automate far more than just text replacements.

If you've never tried one of these programs, download a 30-day trial version and give it a try. Anything that you have do do more than a couple of times can be standarized and goof-proofed with a macro.

Additional details are available on the Insight Software website.

Short Circuits

No, You Don't Have to Verify Your Account

Any account. Period. Any email, instant message, or phone call that says you must "verify" your account information has about a 99.999% chance of being a scam.

When you log into Facebook from a device that Facebook doesn't recognize, you may receive a message that describes the unexpected login, but the message will say that you need not do anything if you logged in from the described device. If not, then you should change your password by logging on normally. The message does not say that you need to confirm anything.

This is a familiar drill. A bank will never ask you to confirm your account number; the bank knows your account number. It will never ask you to confirm your password.

So if you receive an email or an instant message that wants you to do something, especially if you have to do that something within a few minutes or hours, treat it with extreme suspicion.

You probably know that Facebook sometimes takes down posts that violate "community standards", and scammers have started using this to steal people's credentials. The scammer usually sends an instant message that says you've violated community standards, but the message contains no information about the supposed infraction.

Most of these messages then tell the user that they need to follow a link and perform an action. That action is usually described in terms of validating or confirming your account. The link will take you to a screen that looks like a Facebook login page. Under the guise of security, the form may ask for other identification or information such as mother's maiden name, last four digits of a Social Security number, and other terms that are commonly used as secondary means of identification.

If you enter your user name and password there, you'll have just given your credentials to a crook. What happens next depends on the intelligence of the scammer.

An intelligent scammer, after capturing your credentials, will log you in to Facebook and then step out of the way. You'll be able to continue without suspecting that a problem exists and the scammer can log in to your account and change the password. By the time the user realizes what has happened, the scammer will have had several hours to play.

Because too many people still use one set of credentials for multiple accounts, the scammer will try to log on to other accounts -- banks in your area, Amazon, and other stores. When the login succeeds, the scammer can change passwords and contact information, then place orders or make withdrawals.

Less intelligent scammers just fail the login process, leaving the victim to figure out what happened. Many users will quickly realize that something bad has happened when the dumb scammer takes this route, and that can limit the crook's time with valid stolen credentials.

If there's a problem with your account, you'll be notified the next time you try to log in. What's surprising about some of the recent scams is that messages claiming to be from Facebook are sent to Twitter users. That would be like the CEO of Toyota buying a Honda. Facebook doesn't use Twitter to notify users. Facebook doesn't even use its own Messenger service to notify users. If one of your posts has been taken down, you'll be notified in your timeline.

Observant users will see other clear indications that the message is a fake: The URL will go to an unusual domain: facebook-security.info instead of facebook.com, for example, or chase-fraud.site instead of chase.com. Instead of clicking a link that claims to be from your bank, an online store, or a social media site, just go to the site using your browser and log in. If you see no warning when logging in normally, smile. You'll just have saved yourself a lot of trouble and distress.

The Scams Just Keep on Coming!

In the 1960s, top 40 radio stations had recorded promos that shouted "the hits just keep on coming!" The same could be said about fraudulent emails that differ in form from what I described when talking about account verification. Here are a couple of recent scam attempts.

 Click any small image for a full-size view. To dismiss the larger image, press ESC or tap outside the image.

The first is a variant of the "verify your account" scam. It's so obvious that I have trouble imagining anyone falling for it. Here's what I saw with a quick glance.

1. The message claims to be from "Support techbyter.com" but the from address is webmaster.lpmmalaysia.com. I didn't bother to look the the routing headers to determine whether that was the actual source of the message, but later I did use a PowerShell command to load the website code safely so that I could read it. Lpmmalaysia.com exists, but hasn't been set up. Apparently scammers used an unpatched security flaw to hijack the site's email server.
   None of that research was needed. Just seeing that the claimed sender and the reported sender aren't the same was sufficient to discard the message as a fake. I didn't even need to go that far. I am the techbyter.com domain administrator and I knew that I didn't send myself a message about a new login from an unknown location.
   Then, just because I had some spare time, I looked to see what I could find out about the IP address from which the login supposedly occurred. The address (185.232.21.169) appears to be registered to a hosting service is Brussels.
2. Although I already knew it was a scam, I hovered the mouse cursor over the link address. It wouldn't have taken me to techbyter.com; instead the browser would have been pointed to "https://REDACTED.web.app/index.html?alt=media&token#techbyter.editor@techbyter.com". I removed the actual address so that someone wouldn't click it accidentally. When I loaded the page safely using PowerShell, I saw nothing more than a script.
3. The text has been written either by someone who speaks English as a second (or third) language or who never made it past eighth-grade remedial English. That would be another clue if I had needed one.
4. One more unnecessary clue appears near the bottom of the message where the scammer has included text about how to opt out, but forgot to include even a phony link.

The second is a common scam that promises a gift from a big retailer. Take our 30-second survey, the scammer says, and we'll give you a reward with a value up to $90. But the message at the top of the page says it's a $50 value. Pay attention to details, scammer!

What's wrong with this one? Lots! I suppose I should mention the sender's email address, but that's so obvious that I didn't highlight it on the screen shot. Sam's Club would not send marketing messages from a Netherlands email address.

1. Directly under the sender's phony email address is a line that says "We have a surprise for SAMS CLub Shoppers". There's no apostrophe in "Sam's". The scammer apparently intended to write "SAMS CLUB" but forgot to hold the shift key down long enough and got "SAMS CLub".
2. The next line has "Sams Club" -- again, no apostrophe. At least the capitalization is consistent.
3. The message has an old Sam's Club logo. I pasted a copy of the current logo over the scammer's screen shot.
4. The "Surveys and Promotions" clip art looks like it dates back to the earliest days of the web. This is not something that a large company such as Walmart would allow, and Sam's Club is a division of Walmart. The message at least got "Sam's Club" right for a change, but the presentation is amateurish and the entire message is a graphic -- a fuzzy, low-resolution graphic at that.
5. Then there's the squished photo in the lower right. Graphic designers do not stretch or squish photos. If the photo doesn't fit, a designer will either crop the image or find a new image.

The point here is that it's not difficult to foil scammers. Just view every message with a bit of suspicion.