https://community.isc2.org/t5/Tech-Talk/Graham-Cluley-and-a-fake-email/m-p/63649#M4104 Probably have a lurker with one or more accounts. Infiltrate the sales function then they can send fake payment instructions etc.<BR /><BR />Seen this in the wild. Not pretty. Tue, 17 Oct 2023 04:59:02 GMT Early_Adopter 2023-10-17T04:59:02Z https://community.isc2.org/t5/Tech-Talk/Graham-Cluley-and-a-fake-email/m-p/63637#M4103 <P>If you've heard of the Smashing Security podcast, you know Graham Cluley.&nbsp; He recently posted <A href="https://grahamcluley.com/fraudsters-target-booking-com-customers-claiming-hotel-stay-could-be-cancelled/" target="_blank" rel="noopener">this link</A>, describing how he tried to address a fake email he received from a travel website.</P><P>&nbsp;</P><P>Apparently, Cluley was never previously their customer, but within hours of becoming a customer and placing an order, he received what he thought was a legitimate message from the travel company.&nbsp; There was an air of validity because of his recent order, and he almost acted on the message's demands.</P><P>&nbsp;</P><P>He reached out to the company, and I'm sure they haven't responded yet because they're chasing down what went wrong.&nbsp; Or, let's hope that's what's happening.&nbsp;&nbsp;</P> Mon, 16 Oct 2023 19:21:40 GMT https://community.isc2.org/t5/Tech-Talk/Graham-Cluley-and-a-fake-email/m-p/63637#M4103 ericgeater 2023-10-16T19:21:40Z https://community.isc2.org/t5/Tech-Talk/Graham-Cluley-and-a-fake-email/m-p/63649#M4104 Probably have a lurker with one or more accounts. Infiltrate the sales function then they can send fake payment instructions etc.<BR /><BR />Seen this in the wild. Not pretty. Tue, 17 Oct 2023 04:59:02 GMT https://community.isc2.org/t5/Tech-Talk/Graham-Cluley-and-a-fake-email/m-p/63649#M4104 Early_Adopter 2023-10-17T04:59:02Z