C-Level user compromise

c-level-user-compromise

Did you know that camDown ?

Last week I had a C-Level user email account compromised and an attempted wire fraud. To add to this as well the users iPhone was compromised and a forward set to another phone number. Now his VMs are getting transcribed by text to mail service which the user claims they did not set up.

User

- Possibly how they got around his email MFA.

- Already swapped sim cards

- Factory reset the phone

- Verified with phone provider that no unauthorized changes were made to his account.

- Forward is gone as far as I can tell but I am still getting a text to mail subscriber message when trying to leave a VM.

Questions

- Looked to see if anyone else had seen this before. is this a possible zero-click install?

- What is the hack/scam/fraud here?

- Anyone else ever seen this before?

When all is said and done, you know, I just wanted to mention that camDown is easy to use, easy to maintain and I believe your father would say the same!