Cyber criminals are relying on Christmas-distracted staff in and around Durham to open the digital front door to critical business data theft.

The stay-alert warning to local firms has been sounded by Paul Kelly, head of cyber services at UK top 10 accountancy and business advisory firm Azets, with offices in Durham, Newcastle

and Teesside.

He said: “While many businesses and individuals are preparing for festive celebrations, exchanging Secret Santa gifts and winding down for the holidays, cyber criminals are gearing up for one of their busiest periods of the year.

“Cyber threats are a year-round concern, but the holiday season creates a perfect storm for attackers as they look to steal critical data – which can include payroll and customer details and other sensitive information.

“Reduced staff numbers, increased online activity and the general distraction of the festive period make organisations more vulnerable.

“Criminals exploit this environment, knowing that companies may inadvertently drop their guard and leave the front door open to digital theft, creating malevolent opportunities for potential fraud, phishing attempts and ransomware threats.”

This year has already seen some of the biggest cyber-attacks on record, targeting global enterprises and critical infrastructure.

Marks & Spencer, Co-op, Jaguar Land Rover and Harrods are among UK companies affected.

These incidents underline the scale and sophistication of modern cyber crime - and why vigilance is essential, especially now, Paul stressed.

Last year Azets raised the national alarm by exposing a highly convincing bogus HMRC compliance letter - Sajid Ghufoor, who heads Azets’ tax investigations and dispute resolution service, said the ruse paved the way for fraudsters to take out loans in the names of directors and open up opportunities for VAT fraud.

Azets specialises in SME advice and support for more than 80,000 clients in the UK.

Common tactics used by cyber criminals

• Fake e-commerce websites designed to steal payment details

• Malicious emails impersonating delivery companies or retailers

• Social media scams offering deals that seem too good to be true

  
  

Steps to help protect against cyber attacks

• Remind employees to stay vigilant and report suspicious activity

• Use strong passwords (three random words) and enable two-factor authentication

• Scan networks and applications for vulnerabilities and address any risks

• Confirm if 24/7 monitoring is required and consider outsourced support

• Check that your incident response plans are up to date

• Keep software updated and install security patches promptly

• Perform regular backups and monitor their success

• Maintain offsite copies of backups, including cloud-based solutions