[theGeatZhopa]

Not necessary. It can just be coincidence. It happened to me in different occasion, where I helped a 60y old to set up online dating. She was very active without care. So, her contact book has been accessed by some dating app and then me got a few unwanted WhatsApp calls by foreign numbers.

So, may be she told a few people her new work number. They saved it to their devices, which had an malicious app running.

Not necessarily you're compromised. May be her contact is listed in your webpage? That happened to me too, where the employer decided to put clear text href email address publicly on the website. The machinery acted quickly. By finding information like "sales" or "customer service", connections can be made. So Phishing is more effective.

But still. For me, it would be an alarm sign to trigger an investigation. If there is no public listing of contact information, then its likely in the inner rings. Because.. knowing that you're CEO and writing in your name to a new mobile number, it looks like spearphishing.

The only way to protect is to train train train. Why did she mark it as spam in slack? Because she used her suspectsissity and her feelings. Let her tell the others how she came to the conclusion it's spam. There won't be much she will tell (I think) but it will raise sensitivity with others, because they'll remember the story..