SkipToMainContent

Emerging Threats

Holiday cybercrime statistics + tips to protect against threats

An Asian couple window shops to illustrate how holiday activity can distract at a time when cybercrimes occur.

October 18, 2021

The holiday season isn’t just hectic for you. It’s a busy time of year for cybercriminals too.

While holiday cybercrime statistics are hard to break out, it’s fair to say that some cybercrimes are known to appear around holidays.

Consider a recent statement released by the FBI and the Cybersecurity and Infrastructure Security Agency. The two agencies warned that cybercrimes increase each year on weekends and during holidays.

That’s especially important at this time of year when the calendar is dotted with major holidays.

As the FBI and CISA say, both businesses and individuals typically let their guard down during holidays and weekends. That makes it easier for cybercriminals to successfully attack.

The good news? Whether it’s the holiday season or any other time of year, both businesses and individuals can take simple steps to lower their odds of falling victim to hackers and other online attackers. It could help you protect against becoming a holiday cybercrime statistic.

Examples of cybercrimes around holidays

To highlight the dangers leading up to holidays, the FBI and CISA provided three examples of cybercrimes that took place during or immediately before national holidays.

  • Mother’s Day. In May of 2021, on the eve of Mother’s Day weekend, cybercriminals launched the DarkSide ransomware against the IT network of Colonial Pipeline, an Alpharetta, Georgia-based company that runs 5,500 miles of fuel pipelines. The attack caused a weeklong suspension of operations at the pipeline. 
  • Memorial Day. Also in May of 2021, during the Memorial Day weekend, the world's largest meat supplier, JBS, fell victim to a cyber-attack against its IT systems in North America and Australia. This attack caused a complete production halt from JBS.
  • Independence Day. And in July of 2021, during the Fourth of July holiday weekend, Kaseya, a developer of IT solutions for clients, was hit by its own cyberattack. This attack affected hundreds of organizations, according to the joint report.

FBI statistics show cybercrime on the rise

None of these attacks were surprising. Consider these cybercrime statistics:

  • The FBI’s Internet Crime Complaint Center said that it received 791,790 complaints for all types of Internet crime in the United States in 2020. That’s a record number of complaints. 
  • Reported losses from these crimes hit $4.1 billion.
  • The 2020 number is an increase of 69 percent from the total number of Internet crimes reported in the United States in 2019.

Ransomware attacks cover the calendar

The FBI says that the number of ransomware attacks — in which criminals lock the data or entire computers of victims and demand a payment, or ransom, before unlocking them — is also on the rise. The agency said U.S. victims reported 2,474 ransomware attacks in 2020, a 20 percent increase from a year earlier.

And this year? Here are the stats:

  • The FBI says from January to July 31 of 2021, the Internet Crime Complaint Center has received 2,084 ransomware complaints.
  • Those complaints represent more than $16.8 million in losses.
  • That’s a 62 percent increase in reported attacks when compared with the same time frame in 2020.

The lesson here? Be aware of cybercrimes this holiday season.

5 tips to help protect against holiday cybercrimes

How to keep holiday cybercrimes from stealing your fun? Here are some important steps to take.

1. Make a back-up of your important data

The FBI’s top recommendation to thwart ransomware? Make back-ups of the most important files, photos, and videos saved to your laptops, tablets, smartphones, and other devices.

This way, if someone does lock up your computer, you’ll still have access to your most important data. You won’t have to worry about paying an exorbitant ransom to regain access to these files.

Making a back-up of your electronic files might seem like a hassle. But doing the work up front could pay off later if a hacker targets you. 

2. Don’t pay up

The FBI also recommends that you not pay off the criminals who’ve hijacked your computer. As the agency says, there’s no guarantee that these criminals will release your files after they receive your payment. If they don’t, you’re not only still locked out of your files, you’ll also be out hundreds or thousands of dollars.

Paying ransoms also encourages hackers to launch future ransomware attacks, the FBI says.

Instead, you could work with an IT professional to try to unlock your files, though there is no guarantee that even a skilled professional will be able to grant you access to targeted files.

Again, your best bet is to make back-ups of your files before you’re ever victimized by a ransomware attack.

3. Watch out for phishing attacks

Phishing attacks are a common scam that criminals use to trick victims into providing sensitive personal information or downloading malicious files on their computers or other devices.

Hackers will send victims an email or text that looks like it comes from a legitimate source, such as a bank, utility, or credit card company. The message might warn that the recipient’s account will be shut down if they don’t click on a link to register their account information.

Or it might state that the sender has discovered suspicious activity and the recipients must click on a link to protect the funds in their bank accounts or stop fraudulent purchases being made by their credit card accounts.

This is a scam. If recipients click on the link, they’ll be taken to another website and asked to enter their account information. Once they do, scammers will have the information they need to access their credit card or bank account information. Other times, the link will flood victims’ computers with spyware or other malware.

Never, then, click on a link in an email supposedly sent by your bank, credit card provider, or other service provider. Financial institutions will never ask for your passwords, Social Security number, or account numbers through email.

If you’re worried that there really is a problem with your account, call the provider’s customer service number and ask.

4. Avoid public Wi-Fi

It’s tempting to log into public Wi-Fi when shopping for holiday presents at malls and stores. Be careful, though: Public Wi-Fi is notoriously unsecure. It’s easy for hackers to spy on your online activity, possibly nabbing passwords and log-in information while doing so, when you are using public Wi-Fi.

Never log onto your online bank accounts or credit card portals through public Wi-Fi. If you must use public Wi-Fi, use it for more innocuous activity, such as checking the weather, reading the news, or scanning the reviews of local restaurants.

Make sure your security software is updated

It’s smart to protect your devices with the latest security software. But make sure, too, not to ignore the suggested updates of these antivirus tools. You can adjust your settings to allow updates to occur automatically.

If you don’t allow these programs to update, you’ll expose your devices to the latest viruses and malware. Most antivirus updates are designed to protect against newly discovered malware.

Cyber threats have evolved, and so have we.

Norton 360™ with LifeLock™, all-in-one, comprehensive protection against viruses, malware, identity theft, online tracking and much, much more.

Try Norton 360 with Lifelock.


Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2022 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.