I have no idea of how that went; now you have picked my interest and I'll be asking him to follow up. It did not occur to me that it needs to be too sophisticated of an attack (didn't stop to think through it too much, admittedly). Just thinking of how we collectively mostly never encrypt email seemed like the most obvious way to understand how that was possible. The email provider of either the company or the customer must have been compromised. But the bank account?
Not knowing any details my first assumption would be that somebody mistyped a number, either in the template or while preparing the transfer and being hacked is just an excuse.
Alternative is some generic phishing with a complete fake invoice, which somebody assumed to be true.
Now if it is serious and an invoice was changed (independently from transport considerations) that alone is quite some effort: the original message has to be held back and analyzed, then it has to be manipulated (replaced) and then the message has to be sent on.
If you get to that level of sophistication it's a lot more likely the source was hacked.
There are a few other scenarios, like invoice being sent wrongly and some random person manipulating it before sending on, but if you aren't prepared by having a bank account for that purpose it's quite a risky thing to do. My private account can be traced to me ...
