Post-festive cybersecurity risks

Remain vigilant
As the new working year begins, individuals and organisations are reminded that the period following the festive break is one of the most active for cybercrime. While December is often seen as high-risk, the weeks immediately after the holidays can present even greater cybersecurity threats.
Mufaro Nesongano
  • 10 Hours Ago - 2026-02-11 14:26:00

During the festive season, many employees travel with work devices, connect to public or home Wi-Fi, and sometimes use company laptops for personal activities such as social media, streaming or online shopping. When these devices reconnect to corporate networks, any malware or hidden infections acquired over the holidays can spread undetected. In addition, forgotten passwords, reused credentials and rushed account recoveries create opportunities for attackers to exploit weak authentication controls.


Phishing and social engineering

Phishing remains one of the most prevalent threats. Employees and executives should expect an increase in fraudulent emails and messages designed to create urgency or emotional pressure. These communications often impersonate trusted brands or service providers, prompting recipients to click malicious links, download malware or disclose login credentials.


Business email compromise

The resumption of business operations in January creates favourable conditions for Business Email Compromise (BEC). Attackers exploit backlogged financial processes and payment cycles by sending fraudulent emails requesting urgent payments, changes to supplier banking details or the release of sensitive financial information.

These messages frequently impersonate senior executives, finance managers or trusted vendors and rely on urgency and authority to bypass verification procedures. With finance teams under pressure to clear outstanding invoices, controls may be relaxed, increasing the risk of fraud.


WhatsApp account hijacking

A growing concern is the hijacking of WhatsApp accounts through sophisticated phishing campaigns. In operations such as the so-called HackOnChat campaign, attackers create fake WhatsApp web or verification pages. Victims are tricked into scanning malicious QR codes or entering their phone number and one-time passwords, enabling attackers to take control of accounts.

Compromised accounts are then used to request urgent financial assistance or sensitive information from trusted contacts, accelerating the spread of fraud.


Ransomware risks

Ransomware operators also target periods when monitoring is reduced. Unpatched VPNs, exposed remote access services and weak administrative credentials are common entry points. In some cases, attackers disable backup systems, limiting recovery options.

Reducing cyber risk

Organisations should enforce multi-factor authentication, maintain continuous monitoring, and complete patching before and after holiday periods. Staff awareness is equally critical. Simple reminders to verify payment requests, avoid suspicious password-reset emails and report unusual activity can significantly reduce risk. Cyber threats do not take holidays – they exploit them.

* Mufaro Nesongano is the Executive: Communication and Consumer Relations, who writes on behalf of the Namibia Cyber Security Incident Response Team (NAM-CSIRT).