skip navigation
skip mega-menu

Cyber Crime and the Festive Season: A Dangerous Spike in Cyber Threats

As the festive season approaches, the excitement surrounding Black Friday, Cyber Monday, and Christmas shopping often leads to a sharp increase in cyber threats. During this time, online consumer behaviour changes drastically—shoppers are eager for deals, working against the clock, and spending more time online.

This frenzy presents an ideal opportunity for cyber criminals, who take advantage of increased online traffic, distracted users, and businesses operating out-of-hours to launch attacks. For organisations, this shift introduces unique risks and demands heightened security measures.

This month, we are focusing on the elevated cyber risks associated with the festive season. We will explore how cyber criminals exploit holiday shopping habits and changes in consumer behaviour, provide examples of high-profile incidents, and offer best practices that organisations can implement to safeguard their operations during this critical period.


Why Cyber Criminals Love the Festive Season

During peak shopping times like Black Friday and Christmas, cyber crime rises as consumers spend billions online. A recent report by ThriveDX found that ransomware attacks increase by 30% during the holidays compared to regular months.

Cyber criminals know that consumers are often distracted while hunting for deals, leaving them vulnerable to phishing attacks and other scams. According to Forbes, in 2022 37% of data breaches in retail involved stolen payment card data, and ransomware accounted for 24% of breaches, with retailers often pressured to pay to avoid disruptions during their busiest sales periods.

A notable example of cyber criminals exploiting the festive period to steal payment card data is the Target breach, which affected approximately 40 million credit and debit card accounts during the holiday shopping period. The attack, facilitated by malware installed through an HVAC subcontractor, led to widespread customer distrust and hefty fines. This incident is a stark reminder that even well-established businesses with strong security frameworks can fall victim to cyber crime during the holidays. 


"Happy Leakmus!"

It seems that cyber criminals don’t just like to play the Grinch during the holiday season, even they have been seen getting into the festive spirit.

In an event that took place last Christmas, aptly named “Free Leaksmus” cyber criminals leaked an estimated 50 million records containing personal information and other sensitive data on the Dark Web in an apparent keeping with the Christmas spirit and to potentially attract new customers.

Some cyber criminal shop fronts were even offering seasonal discounts for certain compromised data, a report by Resecurity discovered some discounts of up to 40% on compromised online banking and e-commerce accounts.


Data breaches happen every day, at companies large and small, with stolen credentials commanding a premium on the Dark Web.

With over 24 billion sets of usernames and passwords currently for sale on the dark web¹, it has never been more important to keep control of your credentials.

The advanced scanning software within CyberLab Control crawls the Dark Web for compromised business credentials.

Where it finds stolen data, we identify the source of the breach, alert you instantly, and provide advice on how to keep your accounts secure.

You may be surprised how much of your information is already out there.


The Dark Web: The Digital Wild West

The Dark Web has a significant role in cyber crime. Uncover recent data breaches, and the risks your organisation faces. Learn the strategies to protect your sensitive data from being sold online.


Top 5 Most Common Threats During the Festive Season

Phishing scams

Cyber criminals take advantage of consumers’ increased reliance on online shopping by sending emails that mimic trusted brands. These emails often include malicious files or links to fake websites where users unknowingly provide personal and payment information.

A report by DataProt found that over 70% of phishing emails were opened by recipients in 2023, especially during periods like Black Friday and Christmas when consumers are bombarded with promotional emails.

Ransomware

Between December and January, attempted ransomware attacks rose by 70%, as businesses were more willing to pay to prevent operational disruption. The combination of out-of-hours operations and an influx of temporary workers makes organisations more vulnerable to these attacks. [source: Darktrace]

Typosquatting

Cyber criminal websites that resemble legitimate retailers, often relying on common typos in domain names to trick consumers into entering their personal details. During Black Friday and Cyber Monday, these schemes become even more prevalent as users rush to make purchases. [source: Forbes]

Out-of-hours Attacks

According to Darktrace, in 76% of detected ransomware infections, the encryption process begins after hours or during the weekend.

Cyber criminals and threat actors alike often increase attack attempts during off-hours, particularly on weekends or holidays, when fewer staff are available to monitor security alerts in real time, making it easier to exploit standard organisational processes and human vulnerability.

With fewer personnel on-hand to respond, threat actors are often afforded more time to establish a deeper foothold within internal networks before being detected. For example, ransomware attacks tend to peak during these times, knowing that quick responses are more challenging.

AI-Enhanced Scams

The National Cyber Security Centre (NCSC) has warned that AI-generated scams will play a significant role this festive season, producing more polished and convincing phishing emails and fake websites.

According to NCSC, 72% of British people are concerned about AI making it easier for criminals to commit fraud. The misuse of AI to bolster scams, such as creating fake advertisements and fraudulent emails, makes it harder for consumers to discern between legitimate offers and cyber threats. [source: NCSC]


Best Practices to Protect Your Organisation

Due to the rise in cyber threats during the festive season, businesses must remain vigilant and proactive. Here are some best practices to consider:

1. Ensure Regular System Updates and Patching

Cyber criminals often exploit known vulnerabilities, so it’s crucial to keep all software and systems up to date with the latest security patches. 

Protect your operating systems and third-party software from vulnerabilities with vRx from Vicarius.

A complete patch management system that discovers, prioritises, and remediates software vulnerabilities across your estate, including the smaller applications that are often forgotten. 

2. Strengthen Employee Awareness and Training

Seasonal hires, in particular, are vulnerable to phishing attacks and social engineering as they are typically only contracted to work over the busy festive periods and so are less likely to be fully integrated into organisations’ policies and processes, meaning they may not have as much exposure or training to become vigilant to suspicious behaviours or cyber criminal activity.

Training employees to identify suspicious emails or websites can reduce the risk of human error. Verizon’s 2023 Data Breach Investigations Report found that human error played a role in 74% of breaches, highlighting the need for continual employee awareness. For temporary staff, provide quick, engaging onboarding modules that put emphasise on detecting phishing attempts and other social engineering tactics.

3. Implement Multi-Factor Authentication (MFA)

MFA adds an additional layer of security, which makes it more difficult for attackers to access systems even if they possess stolen credentials. SecurEnvoy helps to fortify your security and reduce the risk of data breaches by keeping track of where your data resides and making sure that only authorised users can access critical systems and information.

4. Monitor Network Traffic

Increased traffic during the festive period can strain your networks. Deploy monitoring tools to detect abnormal activity and prevent distributed denial of service (DDoS) attacks.

5. Consider Managed Security Services

If your business lacks in-house expertise, consider partnering with a Managed Security Service Provider (MSSP) for services such as threat detection and response, penetration testing, and incident response.

6. Dark Web Monitoring

Services such as CyberLab Control can help detect if any of your organisation’s data has been exposed on the dark web and provide real-time alerts to mitigate risks.

7. Prepare an Incident Response Plan

With out-of-hours attacks more common during the holidays, having a robust incident response plan is critical. Outsourcing to a retainer service, such as those offered by Sophos, can reduce the pressure on internal teams by providing expert guidance in handling incidents.


Conclusion

As the holiday season ramps up, so do the threats from cyber criminals eager to exploit changes in consumer behaviour and the operational vulnerabilities of businesses. By understanding the tactics used by attackers and implementing best practices such as employee training, regular system updates, and robust monitoring, organisations can significantly reduce their risk of falling victim to cyber crime.

Stay vigilant, invest in cyber security measures, and ensure your defences are up to the challenge this festive season. sophisticated cyber threats.

Find Out More About CyberLab and how we can protect your organisation on our website.

Explore jobs at CyberLab

Cyber Security Account Executive

CyberLab is a specialist cyber security company that provides a wide range of security solutions and services. Your one-stop cyber security advisor, the CyberLab team is equipped with the right technology, knowledge, and expertise to help businesses of all sizes, including large public sector organisations.By leveraging world-class technology, decades of experience, and our vendor partnerships, we have helped to secure thousands of organisations across the UK. Our unique Detect, Protect, Support approach makes us the perfect partner to review and reinforce your cyber security defences.  "a great place to work a great place to be a customer"The CyberLab team are proud to help protect over 1000 of the UK’s blue-chip enterprise businesses, government departments, and household names.We have helped organisations of all shapes and sizes to improve their cyber security:"With continued support from CyberLab we are able to ensure our solutions are always fit for purpose.” - Andrew Chaplin, IT infrastructure, Spicerhaart “Having usedOur customers rate us as Excellent on TrustPilot CyberLab before in a previous Head of IT role, I had no hesitation in engaging them again to assist us with our security needs. Simply, I wouldn’t use them if they didn’t consistently deliver value.” - Head of IT, NHS Trust “CyberLab are always there to help. Being able to pick up the phone or email and have access to a dedicated account manager who is always there to assist provides excellent value for us." - Simon Hobdell, Technical Team Leader, Buckinghamshire Council  CyberLab, a specialist cyber security company combining Chess Cyber Security, Armadillo Sec and Cyberlab ConsultingOur HistorySince the acquisition of Foursys in 2017, Chess has been on a journey to becoming a cyber security powerhouse. In 2021, 15 of the UK’s top Penetration Test experts joined the company through the acquisition of Armadillo Sec. In 2023, Chess acquired Cyberlab Consulting, a specialist cyber security consultancy that provides a range of compliance and managed security services, including a cyber security as a service (CSaaS) platform.In May 2023, Chess Cyber Security became independent from Chess ICT, bringing all of our cyber security operations under the CyberLab banner – a specialist cyber security company combining Chess Cyber Security, Armadillo Sec and Cyberlab Consulting into one entity, providing a one-stop shop for all UK business Security needs.

CyberLab
Cyber Security Account Director

CyberLab is a specialist cyber security company that provides a wide range of security solutions and services. Your one-stop cyber security advisor, the CyberLab team is equipped with the right technology, knowledge, and expertise to help businesses of all sizes, including large public sector organisations.By leveraging world-class technology, decades of experience, and our vendor partnerships, we have helped to secure thousands of organisations across the UK. Our unique Detect, Protect, Support approach makes us the perfect partner to review and reinforce your cyber security defences.  "a great place to work a great place to be a customer"The CyberLab team are proud to help protect over 1000 of the UK’s blue-chip enterprise businesses, government departments, and household names.We have helped organisations of all shapes and sizes to improve their cyber security:"With continued support from CyberLab we are able to ensure our solutions are always fit for purpose.” - Andrew Chaplin, IT infrastructure, Spicerhaart “Having usedOur customers rate us as Excellent on TrustPilot CyberLab before in a previous Head of IT role, I had no hesitation in engaging them again to assist us with our security needs. Simply, I wouldn’t use them if they didn’t consistently deliver value.” - Head of IT, NHS Trust “CyberLab are always there to help. Being able to pick up the phone or email and have access to a dedicated account manager who is always there to assist provides excellent value for us." - Simon Hobdell, Technical Team Leader, Buckinghamshire Council  CyberLab, a specialist cyber security company combining Chess Cyber Security, Armadillo Sec and Cyberlab ConsultingOur HistorySince the acquisition of Foursys in 2017, Chess has been on a journey to becoming a cyber security powerhouse. In 2021, 15 of the UK’s top Penetration Test experts joined the company through the acquisition of Armadillo Sec. In 2023, Chess acquired Cyberlab Consulting, a specialist cyber security consultancy that provides a range of compliance and managed security services, including a cyber security as a service (CSaaS) platform.In May 2023, Chess Cyber Security became independent from Chess ICT, bringing all of our cyber security operations under the CyberLab banner – a specialist cyber security company combining Chess Cyber Security, Armadillo Sec and Cyberlab Consulting into one entity, providing a one-stop shop for all UK business Security needs.

CyberLab

Subscribe to our newsletter

Sign up here

" class="hidden">丰兆新材