+44 (0) 1604 420057
   
Alison Mead

The Blog of Silicon Bullet

By Alison Mead, Bookkeeping Mentor ...

How a Cyber Attack Compromised a Bookkeeper's Security

Alison Mead

CREATED BY ALISON MEAD

Published: 12/05/2025 @ 09:01AM

#cyberattack #cybersecurity #bookkeepers #dataprotection #scamawareness

When a cyber attack struck a bookkeeper friend of mine, it revealed the hidden dangers of downloading files from seemingly trustworthy sources. In this blog post, she chronicles the experience, offering essential insights into recognising threats and protecting sensitive information in the digital age ...

Cyber attack strikes hard, Codes and firewalls no match, Silent destruction

Cyber attack strikes hard, Codes and firewalls no match, Silent destruction

It all began with a simple login attempt. She went to access her agent account for self-assessment and CIS, only to be met with an unexpected roadblock: she was locked out. A call to HMRC revealed that her account had been suspended due to suspicious activity. Not exactly the kind of Monday motivation anyone hopes for.

Thankfully, two anxious weeks later, her
access was reinstated!

Naturally, the first thing she did was change her password. But when she checked the account, she noticed something alarming - an unfamiliar name had been added to her self-assessment section, and one of her CIS clients had mysteriously disappeared. She sprang into action, deleting the intruder, updating her password again (better safe than sorry), and launching a full investigation.

Being diligent and responsible, she reported the breach to the Information Commissioner's Office (ICO) and her professional body, the Institute of Certified Bookkeepers (ICB). She also took on the daunting task of contacting every single client and subcontractor who might've been affected - around 90 people in total. A full system scan revealed the presence of trojans. Not exactly the kind of house guests you'd want on your computer.

But here's the kicker – she was cyber-aware. She used a password manager. She kept her systems up to date. So, how on earth did someone breach her defences?

The answer came in the form of an AccountingWEB newsletter. The article that caught her eye was called, “Agent accounts under attack in new cybercrime wave”. It described a disturbing trend of scammers targeting accounting firm agent accounts to file bogus claims and reroute refunds into their own shady bank accounts.

That article turned on a lightbulb for her!

She went back through her records and found an email from a supposed new client, sent just before the breach happened. The client had attached a file - a zip folder, no less - claiming it contained her previous tax return. Inside was a sneaky little number pretending to be a PDF but in fact was an executable (.exe) file in disguise. She didn't run the file, but simply unzipping it had done enough damage. Talk about Trojan horse tactics.

Looking back, she describes feeling violated, confused, and - understandably - distrustful of every email attachment in her inbox. But with clarity came closure. She now knows what happened, and she shared her story with me so I could blog about it and reach others so they don't have to learn the hard way.

So what's the takeaway?

Be suspicious of files, especially zipped ones. Always double-check file extensions, too.  Something called 'pdf.exe' is not your friend. And remember, even the most cautious can get caught off guard.

Her final words? “I wish I hadn't had to learn this, but now that I have, I'll be soooo much more careful about what I open. I hope none of you have to go through this – stay safe out there!

And that, dear readers, is a reminder that even with bookkeeping, spreadsheets and self-assessments, danger can come zipped and disguised. Be careful!

Until next time ...


ALISON MEAD
I'm your Bookkeeping Buddy: Discover more by clicking here!

Would you like to know more?

If anything I've written in this blog post resonates with you and you'd like to discover more about how a bookkeeper can protect themselves from cyber-attacks, it may be a great idea to give me a call on 01604 420057 and let's see how I can help you.

Share the blog love ...

Share this to FacebookBuffer
Share this to FacebookFacebook
Share this to TwitterTwitter
Share this to Linkedin (popup window)Linkedin
Share this to Pinterest (popup window)Pinterest
Share this to WhatsApp (popup window)WhatsApp

#cyberattack #cybersecurity #bookkeepers #dataprotection #scamawareness

About Alison Mead ...

Alison Mead 

Alison loves bookkeeping and supporting bookkeepers. She has been helping clients to be better bookkeepers in Sage 50 for over 24 years and has been Xero Accredited in accounts and payroll for a number of years too.

She specialises in a very unique hand-holding method of training, helping bookkeepers and business owners to use their accounts software as and when they need support in setting up and producing their invoices, reports and financial information.

Alison combines her role at Silicon Bullet with her Forever Living network marketing businesses and is often to be seen at business networking meetings as she likes to keep busy.

You know what they say: if you want something done well ask a busy person!

More blog posts for you to enjoy ...

Click here to view this blog post


The new Xero home page is here: what bookkeepers need to know about it

The new Xero home page is rolling out with smarter widgets, a more customisable layout and faster loading for larger sets of data. For bookkeepers, it means easier access to key figures and a few handy changes to get used to....

Click here to view this blog post


Start the new tax year right: Stay on top of your side hustle records

As we step into a new tax year, it's the perfect moment to reset, reorganise and get yourself one step ahead, especially if you have a side hustle, freelance income or anything outside of PAYE. One of the simplest but most ef...

Click here to view this blog post


New Xero accounting app update launching soon

The new Xero accounting app update will soon provide a cleaner, more familiar experience. It aims to make everyday tasks quicker with easier navigation and faster actions. There is also more insight on the way, which is good ...

Click here to view this blog post


Xero Smart Document Capture for faster, more accurate bookkeeping

Xero Smart Document Capture makes bookkeeping feel much lighter by turning paper trails into usable data fast. It helps bookkeepers keep their clients organised, cut manual entry, and keep records ready for HMRC without the u...

Click here to view this blog post


Firms urged to check if their Companies House data was edited by others

I recently read about a serious Companies House security problem that may have let logged-in users see or even change other firms' records. If you're one of the businesses affected, it makes sense to review your details now ....

Click here to view this blog post


Some great reviews for my Bookkeeping Buddy subscription

Do It Yourself bookkeeping often feels like a chore when you're managing your own business accounts or even just starting off as a bookkeeper. This is why I created by Bookkeeping Buddy subscription and I'm getting some great...

Click here to view this blog post


Bookkeeping Buddy: Why DIY Bookkeeping Doesn't Mean Doing It Alone

Many small business owners attempt DIY bookkeeping to save costs and maintain control. Yet, this path can be daunting. Learn how you can manage your finances more effectively with my Bookkeeping Buddy subscription, ensuring y...

Click here to view this blog post


Building A Bookkeeping Business: Increasing Your Prices

You may have already done the difficult part of starting your own bookkeeping business; you've found clients, you've decided on your pricing, and now you're getting on with the day-to-day of looking after the clients you've ....

Other bloggers you may like ...

Click here to view this blog post


How to stay visible online without spending your time posting every day

Posted by Steffi Lewis on https://www.sblogit.com

For many small business owners, staying visible online feels like a full-time job. There's constant pressure to post on social media, keep websites up ...

Click here to view this blog post


What is Passive Aggressive Behaviour, and how do we deal with it?

Posted by Jacky Sherman on https://www.jackysherman.com

Passive Aggressive Behaviour is a way of expressing negative feelings, such as frustration, resentment or anger, indirectly rather than openly. Instea ...

Click here to view this blog post


F1 British Grand Prix 2026: Stay Smart in Milton Keynes

Posted by Emily Freeman on https://blog.shortstay-mk.co.uk

Planning to attend the F1 British Grand Prix 2026? Stay in Milton Keynes with Short Stay : MK for easy shuttle access, great nightlife, and real comfo ...

Click here to view this blog post


LinkedIn is essential for career growth, but it's more than just a recruitment website

Posted by Dave Cordle on https://blog.davecordle.co.uk

LinkedIn is more than a place to scroll through vacancies. It helps you build useful connections, learn from other people, and make smarter moves in y ...

© 2026 by Alison Mead

All rights reserved



All content on this blog, including but not limited to text, images, videos and audio, is protected by copyright. No part of this blog may be reproduced, copied, distributed, or otherwise used without the prior written consent of the author. Unauthorised use constitutes a breach of intellectual property rights.

Please note that many elements of this blog have been created using Artificial Intelligence (AI). As such, content may not always reflect verified facts or professional advice. The information provided is for general interest only and should not be relied upon as a sole source for making decisions, financial or otherwise. Readers are strongly advised to seek independent advice from qualified professionals appropriate to their country and situation.

The author of this blog, YourPCM Limited, and its directors, employees, and authorised agents accept no liability for any loss, harm, or consequence arising from the use or interpretation of content found on this site.

The sblogit.com platform is provided on an “as is” basis. By continuing to view or interact with this blog, you acknowledge and accept these terms. If you do not agree with any part of this notice, please cease using this site immediately.

YourPCM Limited is a company registered in the UK and operates exclusively under the jurisdiction of the laws of England and Wales.