Earlier today a customer of mine forwarded an email chain where an outside account replied into an existing email chain of ours pretending to be from my company (if my email is scoops@bolling.com, the third party came in with an email address of scoops.bolling@[weird ULR].com). What I'm not sure about is whether I was hacked or whether the customer was, as the third party interloper posing us as tried to give them an invoice to be wired to, which our customer recognized as being the wrong code for our location (i.e. they were trying to get paid to a bank in Russia or China or Nigeria, not the United States) and so they contacted me asking "is this you?". I looked up the domain the interlopers emailed from (sl-cassters dot com) and the only thing that I could find was that it was registered this January. I've changed the email accounts passwords and a couple other key business account passwords, but I'm not sure if I need to go through and change everything everywhere now, or if the vulnerability was on the customer's end. Thoughts? Suggestions?