UK Industry Guide
Cyber security for UK accountancy firms
Accountants are high-value targets — they hold client financial data, payroll details and HMRC credentials. HMRC-themed phishing and impersonation attacks against UK accountants surged 240% in the past year.
Avg loss per incident
£64,000
Top regulations
Top threats
HMRC self-assessment phishing
Spoofed HMRC notices delivering OneNote payloads or credential-harvesting pages.
Payroll fraud
Attackers redirect employee or contractor salary payments after compromising email accounts.
Client data exfiltration
Theft of accounting records sold on dark-web markets or used for follow-on fraud.
Quick wins
- 01 Move all client document exchange to a portal — never email tax returns or payroll
- 02 Enforce phishing-resistant MFA on Xero, QuickBooks, FreeAgent and HMRC agent services
- 03 Implement DMARC at p=reject to stop attackers spoofing your domain to clients
- 04 Tabletop a payroll-fraud incident at least once a year
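For quick win 03, the check below shows what "DMARC at p=reject" means in the published record and which common settings still leave gaps (a weaker sp=, a pct= below 100, no rua= reporting). It is an added example, not part of the original guide; the function names, the sample records and the example.co.uk domain are constructed for illustration.

```python
# Added example: evaluates DMARC TXT record strings against the "p=reject" quick win.
# The sample records and the example.co.uk domain are constructed for illustration.

def parse_dmarc(txt):
    """Parse a DMARC TXT record into a dict of lower-cased tags; None if not DMARC."""
    parts = [p.strip() for p in txt.strip().split(";") if p.strip()]
    if not parts or parts[0].replace(" ", "").lower() != "v=dmarc1":
        return None  # RFC 7489: the v=DMARC1 tag must come first
    tags = {}
    for part in parts[1:]:
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    return tags

def dmarc_findings(txt):
    """Return a list of gaps between this record and full p=reject enforcement."""
    tags = parse_dmarc(txt)
    if tags is None:
        return ["no valid DMARC record: spoofed mail is not rejected"]
    findings = []
    policy = tags.get("p", "").lower()
    if policy != "reject":
        findings.append(f"p={policy or 'missing'}: receivers are not told to reject spoofed mail")
    # sp= overrides p= for subdomains; if absent, subdomains inherit p=
    sub = tags.get("sp", policy).lower() or "missing"
    if sub != "reject":
        findings.append(f"sp={sub}: subdomains can still be spoofed")
    pct = tags.get("pct", "100")
    if not pct.isdigit() or int(pct) < 100:
        findings.append(f"pct={pct}: policy applies to only part of failing mail")
    if "rua" not in tags:
        findings.append("no rua= address: no aggregate reports to monitor spoofing attempts")
    return findings

SAMPLES = {  # constructed records, as they would appear at _dmarc.<domain>
    "monitoring only": "v=DMARC1; p=none; rua=mailto:dmarc@example.co.uk",
    "partial rollout": "v=DMARC1; p=reject; sp=quarantine; pct=50; rua=mailto:dmarc@example.co.uk",
    "enforced": "v=DMARC1; p=reject; rua=mailto:dmarc@example.co.uk",
}

if __name__ == "__main__":
    for label, record in SAMPLES.items():
        gaps = dmarc_findings(record)
        print(f"{label}: {'OK' if not gaps else '; '.join(gaps)}")
```

Pass it the TXT value published at _dmarc.<your domain>; an empty findings list means the record enforces reject for the domain and its subdomains.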
Frequently asked questions
Why are accountants targeted so heavily?
Compromising one accountancy firm gives attackers a path into dozens or hundreds of SME clients — multiplying the value of a single breach.
Is Cyber Essentials required by ICAEW or ACCA?
Not mandated, but both bodies expect 'appropriate' technical controls. Cyber Essentials is the easiest way to evidence them and is increasingly required by professional indemnity insurers.