Cybercriminals are on the hunt for leaked information over the holidays when shopping picks up.
Activity on the dark web, where illegally-obtained information is sold, surges 76% over the holidays compared with the typical day, according to a review of dark web forums in 2023 by cybersecurity firm NordLayer.
Views of dark web posts containing illegally-obtained information, such as login details, hit their peak in November, December and January, NordLayer said.
The most popular dark web forum posts contain leaked personal information, accounting for around 37% of posts, NordLayer said.
Why is there more dark web activity over the holidays?
Shopping is a big reason dark web activity goes up over the holidays.
Employees are overwhelmed by holiday surge of customer transactions and can fall prey to cybercriminals trying to gain access, such as through email phishing links, Andrius Buinovskis of NordLayer said
Employee logins can be used to gain access to the information of customers, creating a data breach that exposes the records of millions of people and puts them at risk of theft and scams.
"The period from November to January is the busiest for most businesses, driven by the surge in transactions during Black Friday, Thanksgiving, and Christmas," Buinovskis said.
"Cybercriminals use these hectic months as an opportunity, fully aware that overwhelmed employees who process countless email orders and promotional offers are more likely to inadvertently click on phishing links, putting their network security at risk," he added.
Most cyberattacks also take place in the fourth quarter of the year, NordLayer said, citing research from BitNinja Security, Cloud Security Alliance and Mimecast.
Buinovskis said employees should be extra careful handling information over the holiday season.
"Being less cautious during the festive season and paying less attention to how you handle personal and company devices may lead to giving away your login credentials or personal information to cybercriminals who use such information to access the organization's network and may cause irreversible damages," he said.