We live in a world where cyber crime is real. IT infrastructure and emails can be infiltrated by stealth to the point where emails are being monitored or altered without your knowledge. Scary, but true.
Just like software packages that adopt two factor authentications, we should consider adopting the same principal for confirming bank account details.
Put in place a secondary check which does not include the use of emails.
If a supplier advises that their bank account details have changed by email, phone the supplier and confirm the details are correct.
If a customer / client provides you with bank account details for a cash transfer via email, contact them direct via phone or text message to confirm the details.
On top of improving internal risk management, businesses should be considering a cyber crime insurance policy for protection.