Abstract digital network design with glowing lines and geometric shapes, symbolizing IT support and cybersecurity services for businesses.How IT Hardware Maintenance Services Enhance Performance
The One Button That Could Save Your Digital LifeThe One Button That Could Save Your Digital Life
2024's Most Shocking Data Breaches and How to Protect Your Business

The Holiday Scam That Cost One Company $60 Million

Last December, an accounts payable clerk received a text from her “CEO” asking for $3,000 in Apple gift cards. Under pressure during the holiday rush, she followed the request. By the time she realized it was a scam, the cards were gone and the business had taken the loss.

That same month, Luxembourg-based Orion S.A. lost over $60 million to a more sophisticated scheme involving fake wire transfer requests—costing them more than half their annual profit.

Why Holiday Scams Work

The holidays are prime time for cybercriminals. Businesses are busy, staff are distracted, and normal safeguards often get bypassed in the name of urgency or goodwill.

Five Common Holiday Scams (And How To Prevent Them)

1. Gift Card Scams

The scam: Fake “CEO” requests gift cards via text or email.
Prevention: Never send gift cards without two-person verbal approval. Make this a written policy.

2. Invoice & Payment Fraud

The scam: Fraudsters spoof vendors to change banking info.
Prevention: Confirm all payment detail changes by phone using pre-verified numbers.

3. Delivery Phishing

The scam: Fake UPS/FedEx messages urge you to click to reschedule deliveries.
Prevention: Type in official URLs directly. Bookmark shipping sites for staff.

4. Fake Holiday Attachments

The scam: E-mails labeled “Holiday Schedule” or “Party List” install malware.
Prevention: Block macros, scan attachments, and train employees to verify first.

5. Bogus Charity Campaigns

The scam: Fake fundraisers that look like real charities or “matching gift” programs.
Prevention: Share an approved donation list and require contributions through official channels only.

How to Protect Your Business This Season

These scams succeed not because they’re advanced, but because they prey on rushed decisions and skipped protocols. To defend your team:

  • Implement the Two-Person Rule for all financial approvals.

  • Prohibit gift card purchases via email or text.

  • Use multifactor authentication for all key accounts.

  • Run a staff meeting to walk through these scams.

  • Review your cyber liability insurance and IT policies before year-end.

The Cost Isn’t Just Financial

While Orion made headlines for their $60M loss, most small businesses can’t afford even a fraction of that. The real risks include:

  • Operational disruptions during your busiest time

  • Damage to vendor and customer trust

  • Months of productivity lost during cleanup

  • Insurance premiums rising post-breach

Don’t Let Cybercriminals Crash Your Holidays

The good news? Most of these scams can be stopped with awareness and a few basic changes. All it takes is one verification call, one email double-check, one moment of caution to avoid becoming the next cautionary tale.

Want help locking down your business before the year ends?
Schedule a free 15-minute discovery call and we’ll walk you through a quick security readiness review.

Schedule Your Free Security Assessment

The best gift you can give your business this year is peace of mind.