+44 (0) 1604 420057
   
Alison Mead

The Blog of Silicon Bullet

By Alison Mead, Bookkeeping Mentor ...

How a Cyber Attack Compromised a Bookkeeper's Security

Alison Mead

CREATED BY ALISON MEAD

Published: 12/05/2025 @ 09:01AM

#cyberattack #cybersecurity #bookkeepers #dataprotection #scamawareness

When a cyber attack struck a bookkeeper friend of mine, it revealed the hidden dangers of downloading files from seemingly trustworthy sources. In this blog post, she chronicles the experience, offering essential insights into recognising threats and protecting sensitive information in the digital age ...

Cyber attack strikes hard, Codes and firewalls no match, Silent destruction

Cyber attack strikes hard, Codes and firewalls no match, Silent destruction

It all began with a simple login attempt. She went to access her agent account for self-assessment and CIS, only to be met with an unexpected roadblock: she was locked out. A call to HMRC revealed that her account had been suspended due to suspicious activity. Not exactly the kind of Monday motivation anyone hopes for.

Thankfully, two anxious weeks later, her
access was reinstated!

Naturally, the first thing she did was change her password. But when she checked the account, she noticed something alarming - an unfamiliar name had been added to her self-assessment section, and one of her CIS clients had mysteriously disappeared. She sprang into action, deleting the intruder, updating her password again (better safe than sorry), and launching a full investigation.

Being diligent and responsible, she reported the breach to the Information Commissioner's Office (ICO) and her professional body, the Institute of Certified Bookkeepers (ICB). She also took on the daunting task of contacting every single client and subcontractor who might've been affected - around 90 people in total. A full system scan revealed the presence of trojans. Not exactly the kind of house guests you'd want on your computer.

But here's the kicker – she was cyber-aware. She used a password manager. She kept her systems up to date. So, how on earth did someone breach her defences?

The answer came in the form of an AccountingWEB newsletter. The article that caught her eye was called, “Agent accounts under attack in new cybercrime wave”. It described a disturbing trend of scammers targeting accounting firm agent accounts to file bogus claims and reroute refunds into their own shady bank accounts.

That article turned on a lightbulb for her!

She went back through her records and found an email from a supposed new client, sent just before the breach happened. The client had attached a file - a zip folder, no less - claiming it contained her previous tax return. Inside was a sneaky little number pretending to be a PDF but in fact was an executable (.exe) file in disguise. She didn't run the file, but simply unzipping it had done enough damage. Talk about Trojan horse tactics.

Looking back, she describes feeling violated, confused, and - understandably - distrustful of every email attachment in her inbox. But with clarity came closure. She now knows what happened, and she shared her story with me so I could blog about it and reach others so they don't have to learn the hard way.

So what's the takeaway?

Be suspicious of files, especially zipped ones. Always double-check file extensions, too.  Something called 'pdf.exe' is not your friend. And remember, even the most cautious can get caught off guard.

Her final words? “I wish I hadn't had to learn this, but now that I have, I'll be soooo much more careful about what I open. I hope none of you have to go through this – stay safe out there!

And that, dear readers, is a reminder that even with bookkeeping, spreadsheets and self-assessments, danger can come zipped and disguised. Be careful!

Until next time ...


ALISON MEAD
I'm your Bookkeeping Buddy: Discover more by clicking here!

Would you like to know more?

If anything I've written in this blog post resonates with you and you'd like to discover more about how a bookkeeper can protect themselves from cyber-attacks, it may be a great idea to give me a call on 01604 420057 and let's see how I can help you.

Share the blog love ...

Share this to FacebookBuffer
Share this to FacebookFacebook
Share this to TwitterTwitter
Share this to Linkedin (popup window)Linkedin
Share this to Pinterest (popup window)Pinterest
Share this to WhatsApp (popup window)WhatsApp

#cyberattack #cybersecurity #bookkeepers #dataprotection #scamawareness

About Alison Mead ...

Alison Mead 

Alison loves bookkeeping and supporting bookkeepers. She has been helping clients to be better bookkeepers in Sage 50 for over 24 years and has been Xero Accredited in accounts and payroll for a number of years too.

She specialises in a very unique hand-holding method of training, helping bookkeepers and business owners to use their accounts software as and when they need support in setting up and producing their invoices, reports and financial information.

Alison combines her role at Silicon Bullet with her Forever Living network marketing businesses and is often to be seen at business networking meetings as she likes to keep busy.

You know what they say: if you want something done well ask a busy person!

More blog posts for you to enjoy ...

Click here to view this blog post


Getting your sole trader clients ready for MTD For Income Tax

If you're a bookkeeper supporting sole trader clients, you've likely already started receiving questions about Making Tax Digital (MTD) for Income Tax. While the changes may seem daunting at first, they're really about encour...

Click here to view this blog post


Some great reviews for my Bookkeeping Buddy subscription

Do It Yourself bookkeeping often feels like a chore when you're managing your own business accounts or even just starting off as a bookkeeper. This is why I created my Bookkeeping Buddy subscription and I'm getting some great...

Click here to view this blog post


Xero pricing update from 1st September 2026

As bookkeepers, we are often the first port of call when clients hear about software price increases. If you've started hearing questions about Xero's latest pricing changes, now is a great opportunity to demonstrate your val...

Click here to view this blog post


Why Should You Use A Bookkeeper?

Keeping track of your accounts is a science as well as an art form. Yes, of course you can do it yourself, but wouldn't a bookkeeper make your life a whole lot easier? Having a clear picture of your finances at any given time...

Click here to view this blog post


Bookkeepers: how you can prepare your landlord clients for Making Tax Digital

Making Tax Digital (MTD) for Income Tax is no longer a future consideration for landlords. The rollout is now underway, and many landlords will need to change how they keep records and report income to HMRC ......

Click here to view this blog post


Bookkeepers: About the summer 2026 temporary VAT reduction to 5%

For many bookkeepers, managing VAT changes can feel like a full-time job, especially when temporary measures are introduced at short notice. The government's announced summer VAT reduction to 5% is one such change, and it is ...

Click here to view this blog post


HMRC's new 55p mileage rate highlights the importance of good bookkeeping

HMRC's move to raise the Approved Mileage Allowance Payment (AMAP) rate to 55p per mile is good news for many business owners and employees. As fuel, insurance, servicing, and vehicle costs continue to rise, this update offer...

Click here to view this blog post


Credit Notes for Xero: A new version is now here

Credit Notes in Xero now feature a cleaner, more familiar layout that aligns with invoices and quotes. The old version remains available for now, but this update aims to make bookkeeping tools feel more consistent and easier ...

Other bloggers you may like ...

Click here to view this blog post


How YourBOT's multi-source knowledge system works with your data

Posted by Steffi Lewis on https://www.yourbot.uk

YourBOT's brain isn't one big pot of mush where every scrap of text gets thrown in and hoped for the best. Instead, it uses a structured 'multi-source ...

Click here to view this blog post


The biggest mistakes new property investors make and how to avoid them

Posted by Sarah Hannaford on https://blog.sarahpasolutions.co.uk

Before diving into your first investment property, it helps to remember that every property investor started as a beginner. Nobody gets everything rig ...

Click here to view this blog post


HMRC Taking A Good Look At Savvy Online Sellers

Posted by Helen Beaumont on https://blog.essendontax.co.uk

HMRC's new data sharing initiative, which aligns with the OECD's global objective to tackle tax evasion, has been met with mixed reactions from online ...

Click here to view this blog post


When it takes a village, YourPING Group Mode makes it easy

Posted by Steffi Lewis on https://www.yourping.uk

Supporting people who live independently is one of the most rewarding jobs a charity or community organisation can do, but it also comes with big chal ...

© 2026 by Alison Mead

All rights reserved



All content on this blog, including but not limited to text, images, videos and audio, is protected by copyright. No part of this blog may be reproduced, copied, distributed, or otherwise used without the prior written consent of the author. Unauthorised use constitutes a breach of intellectual property rights.

Please note that many elements of this blog have been created using Artificial Intelligence (AI). As such, content may not always reflect verified facts or professional advice. The information provided is for general interest only and should not be relied upon as a sole source for making decisions, financial or otherwise. Readers are strongly advised to seek independent advice from qualified professionals appropriate to their country and situation.

The author of this blog, YourPCM Limited, and its directors, employees, and authorised agents accept no liability for any loss, harm, or consequence arising from the use or interpretation of content found on this site.

The sblogit.com platform is provided on an “as is” basis. By continuing to view or interact with this blog, you acknowledge and accept these terms. If you do not agree with any part of this notice, please cease using this site immediately.

YourPCM Limited is a company registered in the UK and operates exclusively under the jurisdiction of the laws of England and Wales.