How a Cyber Attack Compromised a Bookkeeper's Security

CREATED BY ALISON MEAD Published: 12/05/2025 @ 09:01AM #cyberattack #cybersecurity #bookkeepers #dataprotection #scamawareness

When a cyber attack struck a bookkeeper friend of mine, it revealed the hidden dangers of downloading files from seemingly trustworthy sources. In this blog post, she chronicles the experience, offering essential insights into recognising threats and protecting sensitive information in the digital age ...

Cyber attack strikes hard, Codes and firewalls no match, Silent destruction

It all began with a simple login attempt. She went to access her agent account for self-assessment and CIS, only to be met with an unexpected roadblock: she was locked out. A call to HMRC revealed that her account had been suspended due to suspicious activity. Not exactly the kind of Monday motivation anyone hopes for.

Thankfully, two anxious weeks later, her
access was reinstated!

Naturally, the first thing she did was change her password. But when she checked the account, she noticed something alarming - an unfamiliar name had been added to her self-assessment section, and one of her CIS clients had mysteriously disappeared. She sprang into action, deleting the intruder, updating her password again (better safe than sorry), and launching a full investigation.

Being diligent and responsible, she reported the breach to the Information Commissioner's Office (ICO) and her professional body, the Institute of Certified Bookkeepers (ICB). She also took on the daunting task of contacting every single client and subcontractor who might've been affected - around 90 people in total. A full system scan revealed the presence of trojans. Not exactly the kind of house guests you'd want on your computer.

But here's the kicker – she was cyber-aware. She used a password manager. She kept her systems up to date. So, how on earth did someone breach her defences?

The answer came in the form of an AccountingWEB newsletter. The article that caught her eye was called, “Agent accounts under attack in new cybercrime wave”. It described a disturbing trend of scammers targeting accounting firm agent accounts to file bogus claims and reroute refunds into their own shady bank accounts.

That article turned on a lightbulb for her!

She went back through her records and found an email from a supposed new client, sent just before the breach happened. The client had attached a file - a zip folder, no less - claiming it contained her previous tax return. Inside was a sneaky little number pretending to be a PDF but in fact was an executable (.exe) file in disguise. She didn't run the file, but simply unzipping it had done enough damage. Talk about Trojan horse tactics.

Looking back, she describes feeling violated, confused, and - understandably - distrustful of every email attachment in her inbox. But with clarity came closure. She now knows what happened, and she shared her story with me so I could blog about it and reach others so they don't have to learn the hard way.

So what's the takeaway?

Be suspicious of files, especially zipped ones. Always double-check file extensions, too.  Something called 'pdf.exe' is not your friend. And remember, even the most cautious can get caught off guard.

Her final words? “I wish I hadn't had to learn this, but now that I have, I'll be soooo much more careful about what I open. I hope none of you have to go through this – stay safe out there!”

And that, dear readers, is a reminder that even with bookkeeping, spreadsheets and self-assessments, danger can come zipped and disguised. Be careful!

Until next time ...

ALISON MEAD
I'm your Bookkeeping Buddy: Discover more by clicking here!

Share the blog love ...

Buffer Facebook Twitter Linkedin Pinterest WhatsApp #cyberattack #cybersecurity #bookkeepers #dataprotection #scamawareness

About Alison Mead ...
Alison loves bookkeeping and supporting bookkeepers. She has been helping clients to be better bookkeepers in Sage 50 for over 24 years and has been Xero Accredited in accounts and payroll for a number of years too. She specialises in a very unique hand-holding method of training, helping bookkeepers and business owners to use their accounts software as and when they need support in setting up and producing their invoices, reports and financial information. Alison combines her role at Silicon Bullet with her Forever Living network marketing businesses and is often to be seen at business networking meetings as she likes to keep busy. You know what they say: if you want something done well ask a busy person!

More blog posts for you to enjoy ...
		How Sage Business Cloud Calculates Flat Rate VAT If your business is registered under the Flat Rate VAT Scheme, understanding how Sage Business Cloud calculates your VAT return is key to staying compliant and maintaining accurate records. How does the system work, and what ...
		Microsoft Withdraws Free Licenses for Charities And Non-Profits Microsoft has announced it will withdraw free licenses for charities, specifically the Microsoft 365 Business Premium and Office 365 E1 packages, from the 1st of July 2025. This decision marks a turning point for non-profits ...
		Being a Bookkeeping Buddy Means Being Part Of A Community I created my Bookkeeping Buddy community last year to offer a higher level of support to bookkeepers across the country, and it really has turned into a community. At a recent Accountex London exhibition, two of my Bookkeepin...
		Xero Cashbook Subscriptions to become Xero Simple If you’re a Xero user, you might have already heard the news that Xero Cashbook is out, and Xero Simple has arrived. But don’t worry, this isn’t one of those “new name, same headaches” kind of changes. In fact, it’s quite the...
		Why Should You Use A Bookkeeper? Keeping track of your accounts is a science as well as an art form. Yes, of course you can do it yourself, but wouldn't a bookkeeper make your life a whole lot easier? Having a clear picture of your finances at any given time...
		Do You Need Bookkeeping Support Or Help With Your Accounts? If you have any doubts about doing your bookkeeping and accounts or maybe you've started a new business this year and don't know where to start? There are several ways you can get support from us at Silicon Bullet depending o...
		Be Careful Who You Call For IT Support If you have a problem with your computer and need help, be really careful who you call for support. We have had two calls in the last couple of days from domestic clients who had printer connection issues, googled a support n...
		How Small Creators Can Earn Money From TikTok I have been experimenting with monetising on social media just to see how easy it is and how it all works so I am better able to help and advise those with side hustles and the self-employed on how to report their income, and...

Other bloggers you may like ...
		Focus on the Positive Aspects of Your Life and Career for Lasting Success Posted by Dave Cordle on https://blog.davecordle.co.uk Discover how to focus on the positive aspects of your life and career. By cultivating a mindset of gratitude, you can unlock greater fulfilment and su ...
		Understanding the Implications of Failing to Pay the National Minimum Wage Posted by Roger Eddowes on https://blog.essendonaccounts.co.uk What are the consequences of not adhering to the UK's National Minimum Wage laws? Not surprisingly, employers face significant penalties and damage to ...
		6 Steps To Getting New Business When You're On Holiday Posted by Jacky Sherman on https://www.jackysherman.com Years ago, we were on holiday in Italy. Every day, when I sat by the pool, I'd see a man on a lounger deeply engrossed in his laptop. Every quarter of ...
		Unlock Extra Income with the Rent A Room Scheme Posted by Helen Beaumont on https://blog.essendontax.co.uk By participating in the Rent A Room Scheme, you can effortlessly earn up to £7,500 a year tax-free. This applies whether you own your home or are simp ...