A Few Upcoming Cars

It was a busy Monday, Car Swap Day always is. Today’s was 190 km.

Me right now.

I’m scrolling my phone’s photostream, and it’s beautiful.

Here’s some highlights from upcoming posts.

Said goodbye to Mazda, been with them the last 2 weeks. It was my first time testing a 2016 Mazda3, quite liked it.

Here’s its interior – ergonomic, quality finishings and materials, and especially like how the dash feels.

Two-tone interiors always photograph well, but I’ve never been sold on their real-world practicality.

This 2016 Mazda MX-5 shot though.

And this 2016 Chevy Tahoe.

A long-time  Top 5 Favourite Vehicle , and after this week, debating altering my Top 3…

It’s just so fashionably-funtionable.

Do you spot it below?

See the button that activates the coolest feature ever? Exactly.

There’s a post about DAB radio.

Learning about auto security by passively testing Ford’s all-new Sync3 infotainment system (results are positive.)

And I still haven’t told you about helping to break in a 2016 Porsche Cayman GT4.

There’s a bunch of little posts about it, but ya.

That was weeks ago.

As was the launch of the all-new 2016 Honda Civic. It will start arriving in showrooms around now.

Short review – the Civic will remain Canada’s best-selling-car for the 18th consecutive year, this all-new model is lights out great.

Like how the styling received some needed aggression.

How pretty is this post eh.

Plus the photos are all #NoFilter 

Then there’s this upcoming post… oh guys, wait till you see what car adventure happened this time.

Ya I did.

Look closely at the exhaust…

… it’s a 2017 Pre-Production German-Spec Audi R8 V10.

Tracked it at Mosport.

 

 

A Multi-Staged Attack Works Well

A Multi-Staged Attack – usually a phishing email, followed up by a phone call.

It works because like Michele says…

… “if it comes from more than one source, it must be true.”

The Attack

A call will come in, and a stranger will have a believable story that relies on the email they sent you.

What they’re asking of you won’t seem like a big a deal… maybe they’re seeking a little piece of information, or for you to perform a seemingly mundane task on their behalf.

The call will have a sense of urgency, a realistic reason why they need you to do something ASAP. It will seem logical.

The attacker will be slick with words, and you’ll start to feel like helping them

“People don’t want to be rude, it’s a social faux pas. This attack exploits our natural instinct to be helpful” says Michele.

The Defence

don’t click any links in the email they’re referring to

– ask yourself if the call is coming from an expected source?

– be the outgoing call

– buy yourself time. Say something like, “I’d happy to help, but you caught me in the middle of something. Let me finish it and I’ll call you right back, what’s your number?”

I can confirm the effectiveness of this attack.

Did this for years back in the early days of the internet – not for nefarious reasons, but for sales.  It was amazing how many strangers would take my call.

Chain of Events

Search for companies who would benefit from buying advertising on my site > copy/paste sales email that concludes with, “I’ll followup with you in a couple days” > send, then wait 2 days > phone them, “Hi it’s Keri, I’m calling to followup on the email I sent, sure I’ll hold for the manager thanks” > close sale

This has been Part 3/3 in a series with Michele Fincher of Social Engineer, Inc., a premier consulting and training company which specializes in the art and science of social engineering (SE.)

Meet Michele here

Blog tag = social engineering (25)