Become a Partner With OneUp Networks


📞 +1 888-657-0210 

OneUp Header logo

QuickBooks Hosting at 50% off with OneUp Networks

📞 Sales: +1 888-657-0210 

Common Email Threats – Why CPA & Accounting Firms Need Managed Security Services

managed security services with OneUp Networks for preventing email threats

Email is an indispensable tool in the lives of Certified Public Accountants (CPAs) for exchange of sensitive financial information. Unlike other businesses like manufacturing, retail, hospitality, for a CPA firm using email happens to be the primary mode of operation – It facilitates quick and efficient communication, exchange of client data files, and sets up collaboration with clients, co-workers, and all other stakeholders. However, the very nature of e-mail exchange makes it vulnerable to a variety of cyber threats. In this detailed article, we will be exploring the numerous styles of e-mail security threats that CPAs firms must deal with, highlighting why using Managed Security Service to secure emails is more important than ever.

What are the various Email based threats that must be negated and how Managed Security Service Providers can help restrict it?


Email-based threats come in various forms, and it’s crucial to be aware of them to effectively protect your business with the help of managed cyber security services. Here are some common email threats that must be negated:

1. Phishing Attacks :

Phishing attacks involves cybercriminals sending misleading emails that impersonate your trusted entities, consisting of banks, government businesses, colleagues or even your clients. The goal is to trick recipients into disclosing private data like login credentials, social safety numbers, or corporate financial information.

In this real-life phishing scenario, we’ll take you inside a bustling office environment, where a seemingly innocuous email turns into a dangerous phishing expedition.

The Moss Adams Phishing Attack : Moss Adams LLP is one of the biggest accounting firms in the U.S., with clients from various sectors. In 2019, the cybercriminals launched an attack by sending fraudulent emails to several employees, posing as trusted colleagues or clients. These emails contained seemingly legitimate attachments or links. They used subject lines related to clients, tax documents, or payroll, to make them seem relevant to the recipients. As a result of the successful phishing attack, the cybercriminals were able to access a substantial amount of confidential client information, including financial records, tax documents, and personal data.

Consequences: The breach had significant legal and financial repercussions, as Moss Adams faced potential lawsuits and regulatory penalties for failing to adequately protect client data which also led to damaging the firm’s reputation. This calls for the firm to fortify their cybersecurity security solutions and possibly using MSS – Managed Security Service Provider.

2. Malware and Ransomware :

Malware-infested emails make use of malicious software designed to infiltrate the recipient’s computers wherein the user lose control over privacy of files and data on their system. There are many variations of malware and one such variation is ransomware – which is a subset of malware that encrypts records, demanding a ransom for decryption.

We’ll shed light on the insidious nature of these digital assailants and explore the vital steps organizations must take to shield themselves from their devastating effects-

The MPN LLP Ransomware Attack : MPN LLP is an accounting firm based out of Canada. The firm probably does not use any cybersecurity managed services at this point in time. In October 2019, the attack began when employees received phishing emails containing malicious attachments. Once an employee opened the attachment, the ransomware known as “Ryuk” installed itself on the firm’s network. Ryuk ransomware encrypted client files and data which led them to being inaccessible. The attackers then held that data demanding a significant ransom payment in exchange.

Consequences: Ultimately, it decided to pay a substantial ransom to obtain the decryption key and regain access to its encrypted data. The incident also raised concerns among clients about the security of their sensitive financial information.

Get a Free Security Audit!

Request a complimentary security audit to uncover vulnerabilities in your email system and receive expert recommendations.


3. Business Email Compromise (BEC):

BEC – also known as whaling, involves cybercriminals impersonating high-ranking executives or trusted business accomplices, to trick accountants into making unsolicited data exchange or disclosing sensitive client information.

Let’s delve into the riveting story of how trust was exploited, transactions went awry, and valuable lessons emerged from the depths of this cyber warfare-

The Medidata Solutions BEC Attack : Medidata Solutions is a global technology company that provides services for life sciences and clinical research organizations.

In June 2019, the attack began with cybercriminals gaining unauthorized access to an employee’s email account which was achieved through a spear-phishing campaign wherein specific employees within the organization were targeted. Because the company does not have any managed security in place – the attackers gain control of the email account, they used it to impersonate a high-ranking executive within the company. The attackers then sent emails to employees responsible for financial transactions requesting transfer of a substantial amount of money to a bank account believed to belong to a trusted business partner.

Consequences: The attackers misused the trust and authority associated with the executive’s email to trick employees into making the unauthorized financial transfer. This led to huge losses and to the brink of bankruptcy for the firm and can be avoided with the help of managed cloud security services.

4. Email Spoofing:

Email spoofing is a method in which attackers forge the sender’s email address to make it seem as though the e-mail originates from a valid supply. These are often laden with jeopardy to business continuity which sets panic in the users to immediately act without noticing email headers and links within the body of the email. The lack of a proper cybersecurity solutions makes companies more vulnerable to such attacks.

We will unveil the subtle art of deception employed by cybercriminals who manipulate the very fabric of trust in the digital realm with a real life scenario-

The GreenBook Solutions Spoofing Attack : GreenBook Solutions is a financial consulting company which provides services to all major sectors. Cybercriminals obtain login credentials and access the employee’s email account. The attackers misuse this access to send emails from the compromised account and make the emails seem real by utilizing email spoofing techniques to alter the sender’s name and address. The attackers send fraudulent emails to clients requesting to provide sensitive financial information, such as Social Security numbers, bank account details, and other personal data, under the pretext of completing their tax returns. The cybercriminals collect the sensitive information provided by clients, which can be used for various malicious purposes, including identity theft, tax fraud, or selling the data on the dark web.

Consequences: The firm lost the trust of their clients and significant losses. This attack raised questions on their ability to maintain client privacy which was hard to recover from.

5. Man-in-the-Middle (MitM) Attacks :

MitM attacks consists of cybercriminals intercepting and potentially changing e-mail communications between two parties without their knowledge, allowing eavesdropping or content material manipulation and duplication.

Here is an example of a firm that unwittingly become entangled in a web of deceit orchestrated by a cunning adversary employing a MitM attack-

The A&F LLC MitM Attack: LLC is a company which provides financial services. An accountant at the company had been working remotely from a local coffee shop using the public Wi-Fi network. The attackers over the same network intercepts Alice’s Wi-Fi traffic which allows him to eavesdrop on her email communications and interactions with the firm’s client portal. The attacker modifies the bank account information provided by the client over email, redirecting the funds to an account controlled by the attacker.

Consequences: A&F faced lawsuits and heavy penalties based on the fact that they did not deploy ample security measures to protect client information. MitM attacks are difficult to detect, making prevention and awareness crucial components of cybersecurity strategies for accounting firms. The need for mssp is amplified by this example and how it can help a company avoid such unwanted situations.

6. Zero-Day Exploits :

Zero-day exploits vulnerabilities in e-mail configurations of customers or co-workers that are unknown to software program developers, giving attackers the higher hand.

Due to gap in cyber security, a firm faced a crisis that threatens not just their security but the very core of their innovation –

The Zero-Day Email Exploit Attack: AlphaTauri Financial Group is well-established and relies heavily on email communication for client correspondence, financial reports, and document sharing. A cybercriminal group discovers a previously unknown zero-day vulnerability in widely used email server software and the attackers commence a highly sophisticated and targeted campaign aimed at employees by sending emails that contain malicious attachments or links. When an employee opens the attachment or clicks the link, it triggers the zero-day exploit, which takes advantage of the email server vulnerability to gain access to the recipient’s inbox.

Email Server Compromise: The attackers gain access to sensitive client communications, financial reports, and documents shared via email. They also monitor ongoing email traffic for opportunities to exploit further. The attackers may exfiltrate sensitive client data, financial records, and confidential emails. A SIEM and SOC solution that can be provided by a mss provider can help avoid such instances.

7. Insider Threats :

Insider threats involve employees within an organization abusing their higher access privileges to compromise email protection, either intentionally or unintentionally. IT service providers play a crucial role in helping organizations prevent insider threats by implementing a range of security measures and best practices.

This case could be well explained with a hypothetical case that could arise in any company- Abby has privileged access to the firm’s client database, financial records, and email communications as part of her role. She also knows the firm’s cybersecurity measures and vulnerabilities. She decides to exploit her access to sensitive data by forwarding some of this information to her personal email account.

8. Distributed Denial of Service (DDoS) Attacks :

DDoS assaults weigh down email servers with a deluge of requests, leading to disruptions in email functionality and exposing vulnerabilities.

We’ll unveil the sinister mechanics behind DDoS Attacks with an example, revealing how cyber assailants harness the power of thousands to overwhelm their targets –

A mid-sized accounting firm that heavily relies on email for client communication, document sharing, and scheduling appointments.

An attacker sends an email to an employee which is opened. The malware on the infected computer secretly establishes a connection with a command-and-control server and the attacker further uses the compromised computer as a foothold to infect other computers within firm’s network, creating a botnet of compromised devices.

Consequence: The botnet, now consisting of multiple compromised devices, launches the DDoS attack on the firm’s network infrastructure. This flood of traffic disrupts normal email operations, causing email services to become unresponsive due to absence of SIEM and Email Security in the organization’s infra.


Email security threats pose an obvious threat to CPAs, as it threatens the confidentiality, integrity, and availability of what should be otherwise highly private information. In the vast and interconnected landscape of digital business, email threats loom as silent predators, capable of striking at any moment. The stories we’ve explored today should serve as a stark reminder that the consequences of inaction can be devastating. Ignoring the perils of email threats could jeopardize not just your data but the very future of your business.

But here’s the good news: You don’t have to face this digital wilderness alone. Managed Security Services are your vigilant protectors, standing guard against the ever-evolving tactics of cybercriminals. By partnering with a trusted security provider, you can bolster your defenses, fortify your business, and navigate these treacherous waters with confidence.

Are you ready to safeguard your business from the lurking threats of the digital age? Don’t wait until it’s too late. Contact OneUp Networks today by emailing at [email protected].

Oliver Westwood
Oliver Westwood

Meet Oliver Westwood from OneUp Networks, your go-to expert in accounting and finance, specializing in cloud hosting. With a knack for dissecting industry trends, Oliver illuminates how shifting to the cloud can supercharge productivity. Join him as he unveils the transformative power of cloud hosting, guiding you towards streamlined processes and sustainable growth.

Your email address will not be published. Required fields are marked *

Know More


Sign up our newsletter to get update information, news and free insight.

Latest Post