Don't let holiday cyberattacks spoil your festivities

The holiday season brings joy, togetherness, and—unfortunately—cyber threats. As online shopping surges and businesses operate with leaner holiday staffing, cybercriminals seize the opportunity to strike.

From phishing scams to ransomware attacks, these digital dangers can quickly turn celebrations into headaches. But with a little preparation and awareness, you can celebrate in a safer way and help keep digital threats at bay.

Common holiday cyberattacks

Holiday cyberattacks often feel more frequent—increased digital activity, distracted users, and enticing deals create a perfect storm for cybercriminals. Here are some of the most common threats:

• Phishing scams: Fake emails or messages masquerading as trusted brands offer discounts or holiday promotions to steal personal information.
• DDoS attacks: Overwhelmed servers disrupt businesses, particularly during Black Friday and Cyber Monday, creating chaos for shoppers.
• Ransomware: Malware locks users out of their systems, demanding payment to restore access—especially devastating during the busiest shopping season.

Real-world holiday cyberattack cases

Cybercriminals target both individuals and businesses, and these real-world examples show the damage they can cause.

Stop & Shop cybersecurity issue

During this year’s bustling holiday season, Stop & Shop’s parent company faced a cybersecurity issue that left Stop & Shop with severe inventory issues. There were barely any Thanksgiving ingredients to be had. The attack was timed during peak shopping periods when companies struggle to identify and patch vulnerabilities quickly.

Leaksmas in the dark web

Sharing is caring—unless it’s PII. In 2023, a cybercrime event coined “Leaksmas” happened, where bad actors shared millions of records in the dark web. This series of attacks involved cybercriminals dumping sensitive personal data from both old and new security breaches during the holidays.

2023 Retailer Attacks

Last year was a busy one for cybercriminals. They showed us that they can pick up more work during the holidays, while most of us look forward to a break. The retailers impacted last year included Staples, Ace Hardware, and Clorox.

Holiday hospital ransomware attack

In a shocking attack, hospitals in three states had to move patients from their emergency rooms to other area hospitals after a ransomware attack that started on last year’s Thanksgiving Day. Cybercriminals locked the hospitals’ networks, demanding a ransom to restore critical files.

Why these cases matter

There’s always something to learn. These examples show us a few key recurring themes in holiday cyberattacks:

1. Timing is critical. Attackers strike during busy periods or when defenses are down.
2. Exploitation of trust. Many scams rely on impersonating legitimate businesses or taking advantage of routine processes.
3. Severe consequences. Data breaches and ransomware not only disrupt operations, but also have lasting financial and reputational impacts.

By taking a closer look at these cases, both individuals and businesses alike can better prepare for any potential holiday cyberattack. Always stay vigilant, back up critical data, and invest in comprehensive cybersecurity software.

5 ways to help protect yourself from holiday cyberattacks

Stay a step ahead of cybercriminals this holiday season with these practical tips:

1. Create strong passwords

A secure password is your first line of defense. Use a combination of uppercase letters, lowercase letters, numbers, and symbols. Avoid predictable phrases like “Holiday2024” or repeating passwords—even if it’s easier to remember that way. Use a password manager to help you create and store them.

2. Use two-factor authentication

This extra layer of security makes it harder for hackers to access your accounts, even if they crack your password. If the choice to have it is available, use it.

3. Keep an eye out for suspicious links

Before clicking on holiday sales promotions or deals, double-check the URL. Look for “https://” and verify the sender. If you have an inkling that something’s not right, use Norton Genie, our free scam detector, to scan the message.

4. Beware of attachments from unknown senders

Malware often lurks in email attachments from unfamiliar sources. When in doubt, don’t click. Block and delete right away.

Invest in antivirus and anti-malware software

Comprehensive security software like Norton 360 helps detect and prevent threats before they affect your devices. This investment is particularly important during high-risk seasons like the holidays.

Celebrate safely this holiday season

This year, let the holidays be about joy and celebration. There’s no space for cyberattacks.

By following these tips, you can stay ahead of the game and help protect yourself and loved ones. Stay safe and happy holidays!