Blog
Business email compromise is targeting accounting firms. Here’s how to fight back.
Published Apr 9, 2026 · Updated Apr 13, 2026 · About 5 min read
BEC attacks surged 26% in March 2026, with 10.7 million incidents in Q1 alone — the highest quarterly total on record. Accounting firms handle multiple clients' money, making your vendor payment workflow a high-value target where BEC scams ride in disguised as routine “vendor updates.”
What the attacker is trying to change
- Vendor email domain (spoofed or look-alike sender)
- Bank details (requesting beneficiary changes)
- Invoice details that pressure approvals with urgency
How to stop it with reviewable signals
Vantirs connects to QuickBooks Online and fingerprints vendors based on payment history. When an invoice request doesn’t match historical behavior, the team receives contextual alerts to review before payment runs.
For the control framework, compare BEC vs VEC in accounting firm workflows. To understand how modern attacks are designed to slip through normal approvals, read pre-approved fraud in AP.
Next step: protect AP before the wire leaves
Start with QuickBooks fraud prevention or see how invoice fraud detection works.