Paul Kelly, head of cyber services at Azets, is urging companies to stay alert. He said: “While many businesses and individuals are preparing for festive celebrations and winding down for the holidays, cyber criminals are gearing up for one of their busiest periods of the year.

“Cyber threats are a year-round concern, but the holiday season creates a perfect opportunity for attackers to steal critical data such as payroll and customer details and other sensitive information. Reduced staff numbers, increased online activity and the general distraction of the festive period make organisations more vulnerable.

“Criminals exploit this environment, knowing that companies may inadvertently drop their guard and leave the front door open to digital theft, creating malevolent opportunities for potential fraud, phishing attempts and ransomware threats.”

This year has already seen some of the biggest cyber-attacks on record, targeting global enterprises and critical infrastructure. Marks & Spencer, Co-op, Jaguar Land Rover and Harrods are among UK companies affected.

“These incidents underline the scale and sophistication of modern cybercrime, and why vigilance is essential, especially now,” Mr Kelly added.

Last year Azets raised the national alarm by exposing a highly convincing bogus HMRC compliance letter. Sajid Ghufoor, who heads Azets’ tax investigations and dispute resolution service, said the ruse paved the way for fraudsters to take out loans in the names of directors and create opportunities for VAT fraud.

Mr Kelly has provided some tips on how businesses can help protect against cyber-attacks during the festive season and beyond:

Steps to help protect against cyber attacks

• Remind employees to stay vigilant and report suspicious activity
• Use strong passwords (three random words) and enable two-factor authentication
• Scan networks and applications for vulnerabilities and address any risks
• Confirm if 24/7 monitoring is required and consider outsourced support
• Check that your incident response plans are up to date
• Keep software updated and install security patches promptly
• Perform regular backups and monitor their success
• Maintain offsite copies of backups, including cloud-based solutions

Common tactics used by cyber criminals

• Fake e-commerce websites designed to steal payment details
• Malicious emails impersonating delivery companies or retailers
• Social media scams offering deals that seem too good to be true