Spoiler: Your Business Is on Their List
Somewhere right now, a cybercriminal is setting New Year’s resolutions.
They’re not talking about balance or personal growth.
They’re reviewing what worked last year—and planning how to steal more this year.
And yes, small businesses are still their favorite target.
Not because you’re careless.
Because you’re busy.
And criminals love busy.
Here’s what they’re planning for 2026—and how to quietly, effectively ruin it.
Resolution #1: “I Will Send Phishing Emails That Don’t Look Fake Anymore”
The era of obvious scam emails is over.
AI now crafts messages that:
- Sound completely normal
- Match your company’s tone and vocabulary
- Reference real vendors you actually use
- Avoid obvious red flags
They don’t need typos anymore.
They need timing.
January is perfect—everyone is catching up, moving fast, clearing inboxes between meetings.
A modern phishing email looks like this:
Hi [your actual name],
I tried to send the updated invoice, but the file bounced back. Can you confirm this is still the correct email for accounting? Here’s the revised version.
Thanks,
[Name of your real vendor]
No drama. No urgency. No warning bells.
Just familiar enough to slip through.
Your counter-move:
- Train your team to verify, not just read. Any request involving money or credentials gets confirmed through a separate channel.
- Use email security that detects impersonation and domain spoofing—not just spam.
- Create a culture where slowing down to verify is praised. “I checked first” should be a badge of professionalism, not paranoia.
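An added example (not from the original article or any product it mentions) of the checks behind "detects impersonation and domain spoofing": a near-miss sender domain, a Reply-To that points elsewhere, and a DMARC failure recorded by your own mail server. The vendor allowlist, all domains and both sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: allowlist of domains belonging to vendors you actually pay.
KNOWN_VENDOR_DOMAINS = {"acme-supplies.example", "northwind-payroll.example"}

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss (lookalike) domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def domain_of(header_value):
    """Lower-cased domain part of an address header ('' if absent)."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def impersonation_flags(raw_message):
    """Return sorted reasons to verify this message out of band."""
    msg = message_from_string(raw_message)
    from_dom, reply_dom = domain_of(msg["From"]), domain_of(msg["Reply-To"])
    flags = []
    if from_dom not in KNOWN_VENDOR_DOMAINS:
        for known in KNOWN_VENDOR_DOMAINS:
            if edit_distance(from_dom, known) <= 2:
                flags.append(f"lookalike-domain:{known}")
    if reply_dom and reply_dom != from_dom:
        flags.append("reply-to-mismatch")
    # Only trust Authentication-Results stamped by your own receiving server.
    if "dmarc=fail" in (msg["Authentication-Results"] or "").lower():
        flags.append("dmarc-fail")
    return sorted(flags)

# Constructed samples. A lookalike domain can pass DMARC: the sender owns it.
LOOKALIKE = (
    "From: Acme Billing <billing@acrne-supplies.example>\n"
    "Reply-To: billing@mailbox-relay.example\n"
    "Authentication-Results: mx.yourco.example; dmarc=pass\n"
    "Subject: Updated invoice\n\nHere's the revised version.\n"
)
SPOOFED = (
    "From: Acme Billing <billing@acme-supplies.example>\n"
    "Authentication-Results: mx.yourco.example; dmarc=fail\n"
    "Subject: Updated bank details\n\nPlease use this account.\n"
)
```

The lookalike sample is the case that authentication alone misses, which is why the separate-channel confirmation above still applies to anything involving money or credentials.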
Resolution #2: “I Will Impersonate Your Vendors… or Your Boss”
This one works because it feels real.
A vendor emails:
We’ve updated our bank details. Please use this account going forward.
Or finance gets a text from “the CEO”:
Urgent. Wire this now. I’m in meetings all day.
Sometimes it’s not even text.
Deepfake voice scams are rising fast. Criminals clone voices from podcasts, webinars, voicemail greetings. The call sounds exactly right. The request sounds reasonable.
That’s not futuristic.
That’s operational risk—today.
Your counter-move:
- Enforce a callback policy for any payment or bank changes—using known contact details, never what’s in the message.
- Require voice confirmation through established channels before funds move.
- Protect every admin and finance account with MFA. One stolen password should never equal full access.
Resolution #3: “I Will Target Small Businesses Harder Than Ever”
Attackers used to chase large enterprises.
Then security improved. Insurance tightened. Big companies became slow, expensive targets.
So criminals adapted.
Why attempt one risky $5M breach when you can run a hundred $50K attacks that usually succeed?
Small businesses are now the primary focus.
You have money worth stealing.
You have data worth ransoming.
And you likely don’t have a full security team.
Attackers assume:
- You’re stretched thin
- You’re juggling operations, growth, and people
- You believe you’re “too small to be worth it”
That assumption is their favorite opening.
Your counter-move:
- Stop being low-hanging fruit. MFA, patching, and tested backups alone move you out of the easy category.
- Retire the phrase “we’re too small to be a target.” You’re not too small—you’re just less prepared than larger organizations.
- Work with a partner who focuses on resilience, not just reaction.
This is where Mirrored Storage comes in.
Our backup platform isn’t just storage—it’s business continuity. Immutable, offsite backups that are isolated from your production systems mean ransomware doesn’t get the final word. If attackers can’t erase your data, their leverage disappears.
Resolution #4: “I Will Exploit New Hires and Tax Season Chaos”
January brings new employees.
New employees want to help.
They want to impress.
They don’t yet know what “normal” looks like.
From an attacker’s perspective? Ideal.
Hi, I’m the CEO. Can you handle this quickly? I’m traveling.
Then tax season hits.
W-2 scams. Payroll phishing. Fake IRS requests.
A common play:
I need copies of all employee W-2s for a meeting with the accountant. Please send ASAP.
Once that data is gone, every employee is exposed—Social Security numbers, addresses, salaries. Fraudulent returns get filed before your people even submit theirs.
Your counter-move:
- Include security training in onboarding—before new hires get full email access.
- Document non-negotiable rules:
  - “We never send W-2s via email.”
  - “All payment requests are verified verbally.”
- Reward verification. The pause is the protection.
Preventable Beats Recoverable. Every Time.
With cybersecurity, you always face the same choice.
Option A: React.
Pay the ransom. Hire emergency help. Notify customers. Rebuild systems. Repair trust.
Cost: six figures or more.
Outcome: Survival—with scars.
Option B: Prevent.
Harden access. Train people. Monitor continuously. Maintain clean, tested backups.
Cost: a fraction of Option A.
Outcome: Nothing happens—which is exactly the point.
You don’t install fire suppression after the building burns.
You install it so the fire never wins.
With Mirrored Storage, backups are:
- Immutable (attackers can’t encrypt or delete them)
- Offsite and isolated
- Regularly tested—not just assumed to work
So if ransomware hits, recovery is a business decision—not a crisis negotiation.
How to Ruin a Cybercriminal’s Year
A strong IT and continuity strategy keeps you off the “easy target” list by:
- Monitoring systems around the clock
- Limiting access so one compromised account doesn’t cascade
- Training teams on modern scams, not outdated examples
- Enforcing verification policies for money and data
- Maintaining backups that turn ransomware into a speed bump
- Patching vulnerabilities before criminals exploit them
Prevention over panic.
Resilience over reaction.
Cybercriminals are optimistic about 2026. They’re counting on distraction, overload, and outdated defenses.
Let’s disappoint them.
Take Your Business Off Their Target List
Book a New Year Security Reality Check.
We’ll show you where you’re exposed, what matters most, and how solutions like Mirrored Storage’s immutable backup platform protect your business when prevention fails.
No scare tactics.
No jargon.
Just clarity—and a path forward.
Because the best New Year’s resolution is making sure your business isn’t on someone else’s list of goals.