[PR #3445] modified rule: Brand impersonation: USPS

Author: github-actions[bot]

detection-rules/3445_impersonation_usps.yml

@@ -6,9 +6,7 @@ source: |
   type.inbound
   and (
     any(ml.logo_detect(file.message_screenshot()).brands, .name == "USPS")
-    or (
-        strings.ilike(sender.display_name, "USPS")
-      )
+    or sender.display_name =~ "USPS"
   )
   and length(body.links) > 0
   and 2 of (
@@ -69,4 +67,4 @@ detection_methods:
 id: "c9ab649e-13a0-50b8-9032-b191498b9388"
 og_id: "28b9130a-d8e0-50af-97c9-c1b8f4c46d68"
 testing_pr: 3445
-testing_sha: cfd70dc1b2a02636ebbafb033b28b741455c9909
+testing_sha: ccf3f5b313dcfc8a23417ff392200f327f581140