Look what just fell into my inbox. Legit, crude spear-phish or just plain nuts?
I already own ISO27001security.com which is presumably why they think I might be interested in iso27k.com (I'm not!), but this is such an obvious con, I'd have to be a complete mindless idiot to fall for it.
[I've crudely redacted their URL: please don't try to reconstruct and visit it unless you actually want your system to be compromised - and don't blame me!]