As the festive season approaches, the excitement surrounding Black Friday, Cyber Monday, and Christmas shopping often leads to a sharp increase in cyber threats. During this time, online consumer behaviour changes drastically—shoppers are eager for deals, working against the clock, and spending more time online.
This frenzy presents an ideal opportunity for cyber criminals, who take advantage of increased online traffic, distracted users, and businesses operating out-of-hours to launch attacks. For organisations, this shift introduces unique risks and demands heightened security measures.
This month, we are focusing on the elevated cyber risks associated with the festive season. We will explore how cyber criminals exploit holiday shopping habits and changes in consumer behaviour, provide examples of high-profile incidents, and offer best practices that organisations can implement to safeguard their operations during this critical period.
Why Cyber Criminals Love the Festive Season
During peak shopping times like Black Friday and Christmas, cyber crime rises as consumers spend billions online. A recent report by ThriveDX found that ransomware attacks increase by 30% during the holidays compared to regular months.
Cyber criminals know that consumers are often distracted while hunting for deals, leaving them vulnerable to phishing attacks and other scams. According to Forbes, in 2022 37% of data breaches in retail involved stolen payment card data, and ransomware accounted for 24% of breaches, with retailers often pressured to pay to avoid disruptions during their busiest sales periods.
A notable example of cyber criminals exploiting the festive period to steal payment card data is the Target breach, which affected approximately 40 million credit and debit card accounts during the holiday shopping period. The attack, facilitated by malware installed through an HVAC subcontractor, led to widespread customer distrust and hefty fines. This incident is a stark reminder that even well-established businesses with strong security frameworks can fall victim to cyber crime during the holidays.
"Happy Leakmus!"
It seems that cyber criminals don’t just like to play the Grinch during the holiday season, even they have been seen getting into the festive spirit.
In an event that took place last Christmas, aptly named “Free Leaksmus” cyber criminals leaked an estimated 50 million records containing personal information and other sensitive data on the Dark Web in an apparent keeping with the Christmas spirit and to potentially attract new customers.
Some cyber criminal shop fronts were even offering seasonal discounts for certain compromised data, a report by Resecurity discovered some discounts of up to 40% on compromised online banking and e-commerce accounts.
Data breaches happen every day, at companies large and small, with stolen credentials commanding a premium on the Dark Web.
With over 24 billion sets of usernames and passwords currently for sale on the dark web¹, it has never been more important to keep control of your credentials.
The advanced scanning software within CyberLab Control crawls the Dark Web for compromised business credentials.
Where it finds stolen data, we identify the source of the breach, alert you instantly, and provide advice on how to keep your accounts secure.
You may be surprised how much of your information is already out there.
The Dark Web: The Digital Wild West
The Dark Web has a significant role in cyber crime. Uncover recent data breaches, and the risks your organisation faces. Learn the strategies to protect your sensitive data from being sold online.
Top 5 Most Common Threats During the Festive Season
Phishing scams
Cyber criminals take advantage of consumers’ increased reliance on online shopping by sending emails that mimic trusted brands. These emails often include malicious files or links to fake websites where users unknowingly provide personal and payment information.
A report by DataProt found that over 70% of phishing emails were opened by recipients in 2023, especially during periods like Black Friday and Christmas when consumers are bombarded with promotional emails.
Ransomware
Between December and January, attempted ransomware attacks rose by 70%, as businesses were more willing to pay to prevent operational disruption. The combination of out-of-hours operations and an influx of temporary workers makes organisations more vulnerable to these attacks. [source: Darktrace]
Typosquatting
Cyber criminal websites that resemble legitimate retailers, often relying on common typos in domain names to trick consumers into entering their personal details. During Black Friday and Cyber Monday, these schemes become even more prevalent as users rush to make purchases. [source: Forbes]
Out-of-hours Attacks
According to Darktrace, in 76% of detected ransomware infections, the encryption process begins after hours or during the weekend.
Cyber criminals and threat actors alike often increase attack attempts during off-hours, particularly on weekends or holidays, when fewer staff are available to monitor security alerts in real time, making it easier to exploit standard organisational processes and human vulnerability.
With fewer personnel on-hand to respond, threat actors are often afforded more time to establish a deeper foothold within internal networks before being detected. For example, ransomware attacks tend to peak during these times, knowing that quick responses are more challenging.
AI-Enhanced Scams
The National Cyber Security Centre (NCSC) has warned that AI-generated scams will play a significant role this festive season, producing more polished and convincing phishing emails and fake websites.
According to NCSC, 72% of British people are concerned about AI making it easier for criminals to commit fraud. The misuse of AI to bolster scams, such as creating fake advertisements and fraudulent emails, makes it harder for consumers to discern between legitimate offers and cyber threats. [source: NCSC]
Best Practices to Protect Your Organisation
Due to the rise in cyber threats during the festive season, businesses must remain vigilant and proactive. Here are some best practices to consider:
1. Ensure Regular System Updates and Patching
Cyber criminals often exploit known vulnerabilities, so it’s crucial to keep all software and systems up to date with the latest security patches.
Protect your operating systems and third-party software from vulnerabilities with vRx from Vicarius.
A complete patch management system that discovers, prioritises, and remediates software vulnerabilities across your estate, including the smaller applications that are often forgotten.
2. Strengthen Employee Awareness and Training
Seasonal hires, in particular, are vulnerable to phishing attacks and social engineering as they are typically only contracted to work over the busy festive periods and so are less likely to be fully integrated into organisations’ policies and processes, meaning they may not have as much exposure or training to become vigilant to suspicious behaviours or cyber criminal activity.
Training employees to identify suspicious emails or websites can reduce the risk of human error. Verizon’s 2023 Data Breach Investigations Report found that human error played a role in 74% of breaches, highlighting the need for continual employee awareness. For temporary staff, provide quick, engaging onboarding modules that put emphasise on detecting phishing attempts and other social engineering tactics.
3. Implement Multi-Factor Authentication (MFA)
MFA adds an additional layer of security, which makes it more difficult for attackers to access systems even if they possess stolen credentials. SecurEnvoy helps to fortify your security and reduce the risk of data breaches by keeping track of where your data resides and making sure that only authorised users can access critical systems and information.
4. Monitor Network Traffic
Increased traffic during the festive period can strain your networks. Deploy monitoring tools to detect abnormal activity and prevent distributed denial of service (DDoS) attacks.
5. Consider Managed Security Services
If your business lacks in-house expertise, consider partnering with a Managed Security Service Provider (MSSP) for services such as threat detection and response, penetration testing, and incident response.
6. Dark Web Monitoring
Services such as CyberLab Control can help detect if any of your organisation’s data has been exposed on the dark web and provide real-time alerts to mitigate risks.
7. Prepare an Incident Response Plan
With out-of-hours attacks more common during the holidays, having a robust incident response plan is critical. Outsourcing to a retainer service, such as those offered by Sophos, can reduce the pressure on internal teams by providing expert guidance in handling incidents.
Conclusion
As the holiday season ramps up, so do the threats from cyber criminals eager to exploit changes in consumer behaviour and the operational vulnerabilities of businesses. By understanding the tactics used by attackers and implementing best practices such as employee training, regular system updates, and robust monitoring, organisations can significantly reduce their risk of falling victim to cyber crime.
Stay vigilant, invest in cyber security measures, and ensure your defences are up to the challenge this festive season. sophisticated cyber threats.
Find Out More About CyberLab and how we can protect your organisation on our website.
