3 Biggest Cybersecurity Liabilities Accounting Companies Face

Tim Sines

Cyber crimes affect businesses across all industries, and it’s only getting worse as more and more businesses shift their operations online. However, not all businesses are equally affected. When you operate an accounting firm, you’re among one of the top targets for cyber criminals. Many malicious actors want easy access to confidential information, such as bank or credit card data. Since accounting firms work with this information often, they are frequently in the crosshairs.

Cyber attacks are a “when” and not an “if.” According to the FBI, cybercrime has surged by over 300% since the pandemic began in early 2020. Why? Experts suggest that cybercrime is on the rise because people (and businesses) are spending more time online doing their daily activities, which include buying, selling, and working. This has made everyone — consumers and businesses — more vulnerable to cyber attacks.

Unless and until your firm becomes the latest victim, it may be difficult to understand the devastating impact of a cyber attack. However, the future of your business depends on your proactive stance against criminal activity in all its forms.

Think cybercrime is only for the big guys in your industry? Think again. If you operate a small or medium-sized accounting firm, you’ve even more vulnerable to an impending cyber attack. Cyber criminals target smaller operations because they tend to be easier targets. When compared to large brands, smaller firms rarely invest the time, money, or resources into proactively defending against malicious cyber activity. Instead, small and medium sized firms are often sitting ducks, waiting to be the next target in an attack.

For this reason, it’s important that you not only educate yourself on the cyber crime trends but that you also take steps to protect your accounting firm against potential acts of malicious intent.

It's important that you not only educate yourself on the cyber crime trends but that you also take steps to protect your accounting firm against potential acts of malicious intent. Click To Tweet

In this post, we’ll take a look at the most dangerous cyber threats that you may encounter as an accounting firm and what you can do about them.Top Cybersecurity Threats for Accounting Firms

What are the Top Cybercrimes Against Accounting Firms?

Before we dive into the different types of cyber attacks you need to be aware of, let’s quickly go over some terminology.

Server – A server is a computer that stores software as well as your website. As its name suggests, the server responds to any requests that it receives.

Client – A client is a piece of hardware or software that finds and uses resources from a server. For example, your web browser, such as Chrome or Safari, is an example of a client. When you want to look up a website, such as this one, your browser (i.e. client) sends a message to the server where this website lives.

With those basics out of the way, let’s take a look at the biggest cyber attacks that you need to plan for.

Distributed Denial-of-Service (DDoS) Attack

A distributed denial-of-service, also known as a DDoS, is when a criminal attempts to overwhelm an online service so that it becomes unavailable to its users. The attacker exploits a normal client-server relationship and floods the network with continuous requests for data. The server becomes inundated with requests and cannot keep up with the demand. As a result, the online service becomes unavailable to all clients.

For example, if under a DDoS attack, your website may become excessively slow to load or completely unavailable. Eventually, once the network crashes, some attackers will hack into the system to carry out their malicious activities. However, for other hacks, the aim of the attack is to simply knock your website offline until you agree to their terms, which you may need to do in order to call off the attack.


Malicious software, or malware for short, refers to any file or program that was designed to harm a computer, server, or network.

Here are the most common types of malware to be on the lookout for:

Ransomware – This type of malware will lock you out of your own software or block your access to your business data (including customer information) until you pay a — you guessed it — ransom.  Attackers usually use some form of encryption to prevent you from getting into your files. Cybercriminals can maintain complete anonymity during this attack and can even demand payment in cryptocurrency to decrypt and unlock your files.

Virus – A virus is a computer program that’s designed to infect a file and then replicate copies of itself, destroying how the computer works.

Spyware – Spyware is malicious software that is installed on your device. It is designed to monitor you and gather sensitive information about and from you without your knowledge or permission. This software collects data and then sends the information to the attacker. Spyware is usually packaged with a legitimate software (but one downloaded from an unreliable source). You can also get a spyware infection from opening an email attachment or clicking on a link.

Spyware typically works quietly in the background, and you may not even realize that your computer or network has been infected. However, once spyware infects your device, it can gather a lot of information, such as your web browsing history, your email address, your login credentials (including your user name and password), and your credit card details. It can even record your keyboard stroke (i.e. the keys that you type on your keyboard). This way, even if your sensitive information is visibly blocked on the screen, your attacker can still know exactly what you typed.

Rootkits – A rootkit is a malware that enables unauthorized users (a.k.a. cybercriminals) to gain access and control over your computer or network. This type of malware is notoriously difficult to detect because it operates on the highest security level (the same one that your computer’s operating system uses).

Rootkits are dangerous because they give the hacker administrator-level access. From a remote location, a cybercriminal can then steal data, add other types of malware, spy on you, and create a permanent backdoor so that the hacker can return to your computer at a later time. Rootkits are difficult to remove because you probably don’t even know that one has been installed on your system. They can bury themselves and operate quietly without attracting any attention.

Rootkits can enter your machine in various ways, including phishing, corrupted files (such as an infected PDF), or through vulnerabilities in a software installed on your system.


Phishing (pronounced fishing) is considered a social engineering attack. Social engineering means that the attack requires some level of human interaction. In this case, the human interaction is to open the message and act on its call to action.

When phishing, a criminal uses email (and sometimes texts) as a weapon for stealing data, such as credit card numbers, bank information, or login credentials. In phishing schemes, attackers can masquerade as your organization and ask the target for sensitive information.

These phishing schemes go much deeper than the fraudulent email or text message. Many phishing schemes include the cloning of a legitimate website, including login pages. If a target clicks on the link within an email, they’ll land on this fraudulent site that may likely look exactly like your site. The criminal then logs into the website using their personal details. Because the fraudulent site belongs to the cybercriminal, they now have the email or text recipient’s login information and can access their real account using these stolen credentials.

It’s important to note that over 90% of cyberattacks start with a phishing message.Top Cybersecurity Threats for Accounting Firms

What Can You Do About Cyberattacks?

To improve security online, always do the following:

Secure Your File Sharing – These days, it’s easy and convenient to share files digitally with your team. However, bad actors can often gain access to your sensitive data, and even your entire system, if you fail to insure your online file sharing process.

Strengthen your password – Make it harder for criminals to gain access to your data by creating stronger passwords that are harder to crack. Also, ensure that you and your team don’t use the same passwords for multiple websites. This way, if a hacker is able to gain access to one site, they won’t immediately gain access to others by using the same password.

Use a Virtual Private Network – Install a virtual private network (or VPN for short) on all devices that will connect to your firm’s network, especially if your workers will be using public connections (such as at hotels or cafes). VPNs can encrypt your sensitive information and shield your activities when browsing on a public internet connection.

Final Thoughts

Focusing on your firm’s cybersecurity is one of the most important business activities you can do this year. Your clients are trusting you to keep their personal data safe, so it’s your responsibility to do just that.

Blog Categories

Recent Articles

What is a realization rate

How To Increase Your Realization Rate

In this guide for accountants, we discuss what is a realization rate, and how you can use this metric to improve your firm’s profitability.

Improve Your Accounting Firm’s Website

Your Website is Costing You Business

Your website serves as the front door to your accounting firm. If…

How Accountants Can Avoid Burnout During Tax Season

How Accountants Can Avoid Burnout During Tax Season

Welcome to your survival guide for the tax season. For accounting professionals,…

How to Stay Focused During Tax Season

How to Stay Focused During Tax Season

When tax season hits, it’s both a marathon and a sprint. It’s…

Time Tracking Tips for Tax Season

Time Tracking Tips for Tax Season

Tax season is here, and for us accountants, it means our days…