As we reach the end of the year, many people are preparing to switch off and enjoy some time away for the Christmas holidays. The challenge, as always, is that criminal activity does not slow down just because organisations do, and it is important to remember that cyber risks remain high. The run-up to Christmas has become a reliable period for opportunistic attacks, and 2025 has continued that pattern.
Below is a simple set of points you can share with teams before the break.
AI-driven scams are now part of the normal threat landscape
One noticeable shift this year is how routine AI-enabled fraud has become. We are seeing more convincing phishing emails, more realistic voice impersonation, and login pages that are difficult to distinguish from the real thing. Attackers have had a steady stream of leaked data to work with, and the quality shows.
If a message or call is unexpected, slow down and verify it through a trusted route. Do not click. Do not respond. Do not provide authentication codes.
Seasonal shopping and delivery scams will increase
This year has also seen a rise in fake retailers, fake subscription renewal notices and fake delivery notifications, all designed to capture credentials or payment information. Many of the fraudulent sites look convincing at a glance. Encourage staff to go directly to the retailer’s official site rather than using links in messages.
Report anything suspicious promptly, even during the break
Several incidents this year became more complex because someone hesitated to report an unusual notification while they were off. A quick report at the time can prevent unnecessary impact later. If something looks wrong, raise it immediately.
Holiday cover is often thinner than planned
Reduced staff availability, reliance on third parties and travel commitments can slow incident response. It is worth confirming which internal and external contacts are genuinely available, checking access requirements, and reviewing how escalations will work during this period.
Remote working from varied locations increases exposure
Many people will be working from relatives’ homes, hotels or other informal settings. These environments introduce additional risks, such as shared networks, unattended devices and general distractions.
A few reminders help: lock screens when stepping away, avoid public Wi-Fi unless using a secure connection, keep devices secure, and never share passwords or authentication codes.
Deepfake payment fraud has become a realistic threat
There have been cases this year where attackers used convincing audio or video to imitate senior staff and push urgent payment requests. This often occurs near year-end when finance teams are busy. Reinforcing approval processes is more effective than relying on how something sounds or looks.
Final note
Everyone benefits from a proper break, and most incidents can be avoided with small moments of caution. If something seems unusual, report it. Early action is still the most effective control.


