Try this first
- 1Write into the procurement process: new vendor or IBAN change always requires a callback verification on a phone number from a trusted source (chamber of commerce, prior correspondence, contract).
- 2Set up four-eyes approval on payments above a threshold that fits your size. The owner plus a second person both approve in the banking portal.
- 3Turn on alerts in your accounting tool when a vendor IBAN changes or a new vendor is created. Exact, AFAS, Twinfield and Yuki all have hooks for this.
- 4Disable external auto-forwarding in Exchange and alert on new inbox rules. Many IBAN-swap cases start with an attacker reading a mailbox.
- 5Train finance at least once a year with a concrete example of a real IBAN-swap attempt. Skip abstract slides, a forwarded real-world sample lands better.
When to bring us in
If you work with foreign vendors and large payments, ask your bank about Confirmation of Payee for SEPA payments where available, and look at cyber insurance with explicit social-engineering-fraud coverage.
See also
- I think I clicked a phishing linkNo shame, happens to everyone. The next fifteen minutes matter.
- A colleague's account is acting strangelySending mail in their name, rules hiding folders, unusual sign-ins. Suspicious.
- Lost the MFA app: new phone, no backup codesClassic problem after a phone upgrade. You are not the first to be locked out.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.