Cyber Monday isn’t just a shopping frenzy; it’s prime time for cyber criminals. As businesses rush to close deals, process year-end payments and manage holiday logistics, attackers exploit the chaos with sophisticated phishing campaigns. For B2B organisations, the stakes are high: one click can lead to financial loss, data breaches and reputational damage.
The surge in cyber crime over Cyber Monday
The numbers tell the story:
- Phishing activities spike by 128% during the holiday season compared to the yearly average [Sophos]
- Cyber Monday and Black Friday see a 229% surge in phishing attacks, making them the most dangerous days for businesses [Sophos]
- Mobile phishing attacks increase drastically during December, targeting employees on BYOD devices and creating direct pathways into corporate networks
- Over 18,000 holiday-themed domains were registered in the last three months, with hundreds classified as malicious – many mimicking trusted brands and services [Sophos]
- AI-driven phishing campaigns are now mainstream, with 82.6% of phishing emails making use of AI to bypass detection
This isn’t just a consumer problem: businesses are prime targets for Business Email Compromise (BEC), fake invoices and supply chain attacks during this period.
Top 5 B2B phishing scams this December
1. Business Email Compromise (BEC)

This is where cyber criminals impersonate executives or vendors to request urgent wire transfers or gift card purchases. During the holiday rush, employees are more likely to act quickly without verification.
Red flag: emails demanding immediate payment or gift card purchases for “holiday events.” Looking out for spelling errors and oddly-phrased sentences is no longer enough: cyber criminals now use AI-powered tools to quickly draft personalised emails that look genuine, so the way we spot phishing attempts needs to become smarter.
Tip: always verify payment changes via a known phone number, and if you are unsure, contact the person who sent you the message through another channel. With phishing attempts now widely known and discussed beyond IT teams, your manager would appreciate you double-checking before acting on impulse, so don’t worry about asking through another channel if you are unsure!
2. Fake invoices and payment switch-ups

Fraudsters send phony invoices or hijack legitimate email threads to alter banking details. Year-end billing cycles often leave finance teams vulnerable: with many other deadlines to meet, it is easy to assume that an incoming fake invoice is just another routine one.
Red flag: anything that is overly time-pressured, and messaging such as “updated banking details” that implies you have already changed the bank details yourself, which is designed to alarm you into thinking you have already been a victim of fraud.
Tip: educate members of your team regularly about who sends invoices and what process your company follows to update payment details. Back this up with a call-back rule for any financial changes, and scrutinise every invoice you receive carefully before taking any action.
3. Fake shipping and delivery notifications

Over the Christmas period and Cyber Monday, shipping activity surges, and attackers take advantage by impersonating carriers like UPS or FedEx, often via “track packages” phishing links.
Red flag: unexpected delivery notifications with clickable links. Many people order multiple gifts at once around Christmas time and can lose track of what they have ordered. This is where cyber criminals jump in to take advantage!
Tip: bookmark official tracking pages and never click links in unsolicited emails.
4. Malicious holiday attachments

Cyber criminals can use social engineering tactics to research where your company usually holds its Christmas party and disguise an email as coming from your chosen Christmas party supplier, so that you believe you are opening a genuine email. These emails then include attachments like “Holiday_Schedule.pdf” or “Party_List.xls”, which can often contain malware.
Red flag: seasonal-themed attachments from unknown senders. These are more believable when they appear to come from a disguised email address posing as your Christmas party supplier.
Tip: block macros, scan attachments and verify before opening.
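Several of the red flags in items 2 to 4 above (a Reply-To that differs from the sender, “updated banking details” under time pressure, carrier lookalike tracking links, and macro-capable or double-extension attachments) can be turned into a first-pass triage rule that holds a message for human verification instead of relying on the recipient alone. The Python below is an added example, not code from the original post or from CSG: the indicator patterns, the carrier allowlist, the risky-extension list and all sample messages are constructed for illustration and would need tuning against real traffic before use on a mail gateway.

```python
# Added example: heuristic triage of inbound mail for the seasonal phishing
# patterns above. Indicator lists, allowlist and samples are constructed.
import re
from email import message_from_string
from email.message import EmailMessage, Message
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed allowlist of official carrier domains, keyed by brand token.
CARRIER_DOMAINS = {"ups": "ups.com", "fedex": "fedex.com", "dhl": "dhl.com"}
# Attachment types that can carry macros or executable content (not exhaustive).
RISKY_EXTENSIONS = {".xls", ".xlsm", ".doc", ".docm", ".js", ".vbs", ".exe",
                    ".iso", ".img", ".lnk", ".html", ".htm", ".hta"}
# Decoy extensions seen in double-extension names such as invoice.pdf.exe.
DECOY_EXTENSIONS = {"pdf", "jpg", "png", "txt", "docx"}

URGENCY = re.compile(r"\b(urgent|immediately|today|within the hour|asap)\b", re.I)
BANK_CHANGE = re.compile(r"\b(updated|new|changed) (bank|banking|account|payment) details\b", re.I)
GIFT_CARD = re.compile(r"\bgift cards?\b", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)


def _domain(header_value) -> str:
    """Lower-cased domain of an address header, or '' if absent or malformed."""
    _, addr = parseaddr(header_value or "")
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def _registrable(host: str) -> str:
    """Crude last-two-labels approximation of the registrable domain."""
    return ".".join(host.lower().split(".")[-2:])


def _body_text(msg: Message) -> str:
    """Concatenate text/plain and text/html body parts, skipping attachments."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() in ("text/plain", "text/html") and not part.get_filename():
            payload = part.get_payload(decode=True) or b""
            chunks.append(payload.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)


def triage(raw: str) -> list[str]:
    """Return human-readable findings for one raw message; [] when nothing fired."""
    msg = message_from_string(raw)
    findings = []
    sender, reply_to = _domain(msg["From"]), _domain(msg["Reply-To"])
    if reply_to and reply_to != sender:  # classic BEC / thread-hijack indicator
        findings.append(f"reply-to domain {reply_to} differs from sender domain {sender}")
    body = _body_text(msg)
    if BANK_CHANGE.search(body):
        findings.append("banking-detail change requested: hold for call-back verification")
    if URGENCY.search(body) and (GIFT_CARD.search(body) or BANK_CHANGE.search(body)):
        findings.append("urgent payment or gift-card pressure")
    for url in URL.findall(body):
        host = (urlparse(url).hostname or "").lower()
        for brand, official in CARRIER_DOMAINS.items():
            # Brand token must be a whole label fragment, so 'groups' does not match 'ups'.
            if re.search(rf"(^|[.-]){brand}([.-]|$)", host) and _registrable(host) != official:
                findings.append(f"carrier lookalike link: {host} is not {official}")
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue
        labels = name.lower().rsplit(".", 2)
        ext = "." + labels[-1] if len(labels) > 1 else ""
        if ext in RISKY_EXTENSIONS:
            findings.append(f"risky attachment type: {name}")
        if len(labels) == 3 and labels[1] in DECOY_EXTENSIONS:
            findings.append(f"double-extension attachment: {name}")
    return findings


# Constructed sample messages (not real traffic).
SAMPLE_INVOICE = """\
From: Accounts <accounts@supplier.example>
Reply-To: Accounts <accounts@supplier-billing.example>
To: finance@victim.example
Subject: Invoice 4471 - payment due
Content-Type: text/plain; charset=utf-8

Please note our updated banking details below. This is urgent: settle today
to avoid late fees.
"""
SAMPLE_SHIPPING = """\
From: UPS Notifications <noreply@ups-tracking-update.example>
To: staff@victim.example
Subject: Your package is on hold
Content-Type: text/plain; charset=utf-8

Track packages here: https://ups-tracking-update.example/track/1Z999
"""
SAMPLE_BENIGN = """\
From: Billing <billing@supplier.example>
To: finance@victim.example
Subject: November statement
Content-Type: text/plain; charset=utf-8

Attached is the November statement. Your parcel can be tracked at
https://www.ups.com/track?tracknum=1Z999 as usual.
"""


def build_party_sample() -> str:
    """Constructed multipart message carrying a legacy .xls attachment."""
    msg = EmailMessage()
    msg["From"] = "Events <events@party-venue.example>"
    msg["To"] = "office@victim.example"
    msg["Subject"] = "Christmas party list"
    msg.set_content("Hi, please check the attached guest list.")
    msg.add_attachment(b"constructed placeholder bytes", maintype="application",
                       subtype="vnd.ms-excel", filename="Party_List.xls")
    return msg.as_string()


if __name__ == "__main__":
    for label, raw in [("invoice", SAMPLE_INVOICE), ("shipping", SAMPLE_SHIPPING),
                       ("party", build_party_sample()), ("benign", SAMPLE_BENIGN)]:
        print(label, "->", triage(raw) or ["no indicators"])
```

The point of the design is that none of these checks blocks mail on its own; each finding is a reason to route the message into the call-back or verification process the tips above describe, which is where AI-polished wording stops helping the attacker.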
5. Fake charity and CSR donation scams

Christmas time is a good opportunity for people to give back to their communities and chosen charities. With more and more organisations partnering with charities and fundraising, cyber criminals can take advantage of this demand by posing as a charity and/or an executive requesting donations for holiday causes.
Red flag: urgent donation requests via email. Charities usually plan their annual communications well in advance and are very unlikely to make last-minute donation requests.
Tip: verify charities through trusted sources and centralise donation approvals.
Why staying updated matters
Phishing attacks are getting smarter and more personalised at breakneck speed. Gone are the days of poorly written emails; today’s scams use AI-generated content, deepfake voices and multi-channel tactics (email, SMS, social media) to appear legitimate.
- 90% of breaches start with a phishing email [Sophos]
- Attackers exploit seasonal vulnerabilities, timing attacks for maximum impact when businesses run lean holiday staff and employees are distracted
- New tactics include HTML smuggling, QR code phishing and CAPTCHA-protected phishing sites that evade traditional security tools [Sophos]
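The HTML smuggling tactic named in the last bullet works by shipping the payload inside an HTML attachment as an encoded blob that the recipient's browser reassembles into a file, so a gateway that only inspects conventional attachments sees an innocuous HTML document. Inspecting the HTML itself for that reassembly pattern is one compensating control. The Python below is an added example, not code from the original post or from any vendor product; the indicator list, weights, threshold and both sample files are constructed, and the sample blob encodes harmless text.

```python
# Added example: static indicator scoring for HTML smuggling in HTML attachments.
# Indicators, weights, threshold and samples are constructed heuristics.
import base64
import re

# (name, pattern, weight): the client-side steps needed to rebuild a file in-browser.
INDICATORS = [
    ("base64 decode call", re.compile(r"\batob\s*\("), 2),
    ("Blob construction", re.compile(r"\bnew\s+Blob\s*\("), 2),
    ("object URL creation", re.compile(r"URL\.createObjectURL\s*\("), 2),
    ("legacy IE save API", re.compile(r"msSaveOrOpenBlob"), 2),
    ("download attribute", re.compile(r"\.download\s*=|\bdownload\s*="), 1),
    ("octet-stream MIME type", re.compile(r"application/octet-stream"), 1),
]
# A long unbroken base64 literal inside the document is the smuggled payload itself.
LONG_B64 = re.compile(r"[A-Za-z0-9+/]{400,}={0,2}")
THRESHOLD = 5  # constructed; tune against your own benign HTML mail corpus


def score_html(html: str) -> tuple[int, list[str]]:
    """Return (score, matched indicator names) for one HTML document."""
    total, hits = 0, []
    for name, pattern, weight in INDICATORS:
        if pattern.search(html):
            total += weight
            hits.append(name)
    blob = LONG_B64.search(html)
    if blob:
        total += 3
        hits.append(f"embedded base64 blob ({len(blob.group(0))} chars)")
    return total, hits


def is_suspicious(html: str) -> bool:
    """Decision wrapper: quarantine the attachment when the score meets THRESHOLD."""
    return score_html(html)[0] >= THRESHOLD


# Constructed samples. The "payload" is just repeated harmless text.
_PAYLOAD = base64.b64encode(b"constructed benign payload text " * 20).decode()
SAMPLE_BENIGN = """<html><body><h1>December newsletter</h1>
<p>Track your order at <a href="https://www.ups.com/track">ups.com</a>.</p>
<img src="https://cdn.example/banner.png" alt="banner"></body></html>"""
SAMPLE_SMUGGLING = f"""<html><body><p>Your holiday schedule is ready.</p>
<script>
var data = "{_PAYLOAD}";
var bytes = Uint8Array.from(atob(data), c => c.charCodeAt(0));
var blob = new Blob([bytes], {{type: "application/octet-stream"}});
var a = document.createElement("a");
a.href = URL.createObjectURL(blob);
a.download = "Holiday_Schedule.pdf";
</script></body></html>"""

if __name__ == "__main__":
    for label, doc in [("benign", SAMPLE_BENIGN), ("smuggling", SAMPLE_SMUGGLING)]:
        print(label, score_html(doc), "->", "quarantine" if is_suspicious(doc) else "deliver")
```

Weighting rather than a single regex matters here: a legitimate web application may use any one of these calls, but an HTML file arriving by email that decodes a large inline blob and hands it to a download link has no ordinary business purpose, and the combined score reflects that.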
What you can do
- Continuous training: employees must learn to spot evolving phishing tactics. Regular training and sharing new tactics are a good way to promote a zero trust approach amongst staff
- Threat intelligence updates: monitor reports from trusted sources like CISA and industry threat feeds
- Layered security: combine email filtering, MFA and endpoint protection with human vigilance
- Set up your meeting with CSG today to learn how we can stop phishing emails before they even reach your inbox
Cyber Monday and the holiday season are peak attack windows for cyber criminals. Staying informed and proactive is essential to staying protected against cyber attacks. Businesses that invest in awareness training, secure verification processes and up-to-date security tools will be far better equipped to defend against these threats.