0

Scenario: Successful fraud attempt via phone call. Victim speaks to fraudster and gets tricked into email transfer of funds due to some situation i.e. falsified family emergency (grandson is injured or in jail etc and requires funds via e-transfer)

As email and phone number were utilized in the above scenario, is it advisable to change both phone number and email by the victim? Is keeping information unchanged considered a vulnerability still due to "successful" fraud and are there accepted best practices for after such an event as it appears that this is a common occurrence?

Improve this question
3
  • 1
    What would changing those things accomplish from a security perspective? Have they been compromised by the fraudster?
    – schroeder
    Commented May 24 at 21:15
  • I assume 1. increase in fraud attempts / spam / other unwanted phising etc due to previous success, 2. If future data breach is successful, email address is used as "user" name in many cases and could increase chances of other successful scams. But I am unsure of potential vulnerability hence the question to determine risk
    – user309108
    Commented May 24 at 22:04
  • 1
    #1 isn't a security issue, though. #2 isn't contingent on a successful scam beforehand. so, no, your guess is not correct. There is no "best practice" around this arbitrary response.
    – schroeder
    Commented May 24 at 22:19

0

Reset to default

You must log in to answer this question.

Browse other questions tagged .