The Silent Hack: Why Cybersecurity Must Be an Accounting Priority
There was a time when spotting a scam was easy. A suspicious email from a dubious “prince” promising millions in exchange for your bank details? Delete. No questions asked.
But those days are long gone. Today’s cybercriminals are armed with sophisticated tools, clever disguises, and worryingly, an ever-growing understanding of how the accounting industry works.
Recent attacks on household names like Marks & Spencer and Harrods highlight how pervasive and dangerous these threats have become. But beyond the headlines, it’s accounting firms—particularly small to midsize practices—that are quietly becoming prime targets.

Why Accounting Firms?
According to Francis West, CEO of Security Everywhere, accounting firms are under daily threat because they hold “a goldmine of sensitive financial data.” Think personal tax information, corporate banking details, and access to HMRC agent accounts—all incredibly valuable to fraudsters.
In an era where automation and AI are reshaping the way we handle tax filings, reporting, and even client communications, criminals are learning to mimic these tools, using technology to infiltrate rather than innovate.
One Click Away from Crisis
Take the experience of a small firm owner, who shared her story with AccountingWEB. It started innocently—a call from a prospective client, followed by an email containing what was disguised as a PDF from HMRC. In reality, it was malware. With a single click, her firm unknowingly gave hackers weeks of remote access.
In that time, the attackers hijacked the firm’s antivirus software, infiltrated its HMRC Gateway, and submitted fraudulent VAT and CIS repayment claims. The funds? Redirected to criminal-controlled accounts.
What makes this even more chilling is how tailored and convincing the scam was. This wasn’t a broad-strokes phishing attempt—it was a calculated, highly specific attack targeting the inner workings of her bookkeeping practice.
And it’s not an isolated case. Another accountant had six fraudulent tax returns filed under their credentials—one for over £16,000. They were alerted not by a security warning, but by inconsistencies they happened to notice.
Despite two-factor authentication (2FA) being enabled, the attackers gained access. The victim of this scam now urges others to monitor login histories, remain alert to password reset attempts and, crucially, not rely on HMRC to inform them of unusual activity.
A Call for Better Cybersecurity Tools
One small glimmer of hope came from an HMRC “security console” feature—briefly visible during the investigation—that displayed device types and recent login history. For a profession that relies on strict compliance and trust, having this kind of transparency should be a basic requirement, not a temporary measure.
As one of the hacked accountants rightly pointed out, “It’s a basic security function that’s standard across most platforms… for something as sensitive as HMRC access, it seems like a simple but essential improvement.”
The New Fundamentals: AI, Automation, and Vigilance
While AI and automation continue to transform how we manage clients, streamline bookkeeping, and improve efficiency, the software itself still has to be protected from hackers. Every automation system, whether cloud-based software or an AI-driven tax agent, must now be part of a robust cybersecurity strategy.
Francis West emphasizes the basics:
Enable multi-factor authentication on every account.
Prioritize email security—most breaches begin with a phishing attempt.
Back up your data daily, store it securely, and test restoration regularly.
And don’t be lulled into thinking cloud-based means secure-by-default. If criminals change your login credentials, your access is gone, so treat a cloud account like any other account you hold and keep it as secure as possible from nasty opportunists.
Final Thoughts
For many accountants, cybercrime still feels like something that happens to “other people.” But the reality is, we’re now part of a society where scams and viruses are more prevalent across our devices than they once were. Whether you’re a solo practitioner or running a large firm, protecting your digital assets is as critical as preparing a tax return accurately.
Cybersecurity is no longer an IT problem—it’s a practice-wide, leadership-level responsibility.
As we embrace automation, AI, and ever more advanced bookkeeping tools, let’s not forget the fundamentals: strong passwords, proactive monitoring, and a firm-wide culture of cybersecurity awareness.
Because the next attack may not come with a red flag—it may come disguised as a client.
Stay safe and stay vigilant!