Scenario: Successful fraud attempt via phone call. Victim speaks to fraudster and gets tricked into email transfer of funds due to some situation i.e. falsified family emergency (grandson is injured or in jail etc and requires funds via e-transfer)
As email and phone number were utilized in the above scenario, is it advisable to change both phone number and email by the victim? Is keeping information unchanged considered a vulnerability still due to "successful" fraud and are there accepted best practices for after such an event as it appears that this is a common occurrence?