Last week I had a C-Level user email account compromised and an attempted wire fraud. To add to this as well the users iPhone was compromised and a forward set to another phone number. Now his VMs are getting transcribed by text to mail service which the user claims they did not set up.


– Possibly how they got around his email MFA.

– Already swapped sim cards

– Factory reset the phone

– Verified with phone provider that no unauthorized changes were made to his account.

– Forward is gone as far as I can tell but I am still getting a text to mail subscriber message when trying to leave a VM.


– Looked to see if anyone else had seen this before. is this a possible zero-click install?

– What is the hack/scam/fraud here?

– Anyone else ever seen this before?

Share This Discussion

Leave a Comment

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.