@SewerRatt64@twtrrr@ShiannonC@CommBank Yep, I think this is fairly accurate. The lady, no matter how IT savvy she is, probably accepted a link or SMS and inadvertently downloaded something, OR, connected to a phishing site that looks like @CommBank and logged in.
It’s easy to do.