Trust? we've heard of it but that was a few years ago.
We've recently had a corporate card skimmed, the card company caught it very quickly and called us, it's been cancelled and replaced.
The problem has been sorted but I'm seeing a follow up attack - looks like they found the card holder details and email address - they are now sending the user spoof emails pretending to be from the card company about the card replacement - just click here to confirm ... except the link is to annex.my or somewhere. Uptick of SalesOrder.iso files too.
These hacks can go on and on after the event.