SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Summer holidays leave firms more exposed to cyber fraud

Summer holidays leave firms more exposed to cyber fraud

Wed, 8th Jul 2026 (Today)
Joseph Gabriel Lagonsin
JOSEPH GABRIEL LAGONSIN News Editor

Everywhen has warned that summer holiday cover can leave businesses more exposed to cyber crime, as changes to staffing and routines create openings for fraud and phishing attacks.

The warning focuses on the effect of annual leave on everyday business processes rather than any shift in underlying security systems. Organisations can become more vulnerable when payment approvals are delegated, teams operate with reduced capacity, and staff work remotely or while travelling.

Cyber criminals often exploit routine disruption instead of trying to breach technology directly. Attacks such as business email compromise and phishing frequently succeed when staff are dealing with urgent requests, unfamiliar approval chains, or absent colleagues.

This dynamic can become more pronounced during holiday periods. Out-of-office messages may reveal who is away and who is covering key responsibilities, while employees using unfamiliar networks or working outside normal routines can create a higher volume of legitimate but unusual activity.

That can make suspicious behaviour harder to spot. Everywhen argues the risk does not stem from workers becoming less security-conscious, but from the temporary loss of informal checks and quick conversations that often help prevent fraud.

Neil D'Mello, Client Director at Everywhen, outlined the firm's view of how seasonal disruption affects corporate security.

"Cyber criminals don't need businesses to lower their security standards during the summer; they simply need normal business routines to change. When key decision-makers are on annual leave and approval processes are delegated, attackers have a greater opportunity to exploit uncertainty.

"The majority of successful cyber fraud doesn't begin with sophisticated hacking. It begins with someone receiving what appears to be a legitimate request and making a perfectly understandable decision based on the information available to them. Summer simply creates more of those moments," said Neil D'Mello, Client Director at Everywhen.

Process risks

A central concern is the handover of routine responsibilities. Supplier queries, payment authorisations, and access requests may be handled by colleagues providing temporary cover, potentially increasing the chance that unusual instructions are accepted without the same level of scrutiny.

Security specialists have long warned that social engineering attacks rely as much on timing and context as on technical methods. When decision-makers are absent and staff are under pressure to keep operations moving, a fraudulent request that appears credible can be harder to challenge.

Everywhen's comments reflect a broader pattern in cyber risk management, with attackers increasingly focusing on human behaviour and business workflows. Fraud attempts can be built around impersonation, urgency, and partial knowledge of internal structures rather than malware or direct system intrusion.

The insurer also pointed to the growing mix of working arrangements during holiday periods. Staff may log in from home, hotels, or transport hubs, and although standard security controls remain in place, the shift away from usual environments can complicate oversight.

In practice, that means businesses may face a larger volume of exceptions to normal behaviour at exactly the point when teams are least able to verify them quickly. Reduced staffing can slow internal checks, while the absence of familiar contacts can delay confirmation of whether a request is genuine.

Planning ahead

Rather than calling for major seasonal changes to cyber controls, Everywhen advises businesses to focus on planning before staff go on leave. Firms should review how critical decisions will be made, make escalation routes clear, and ensure employees understand which controls must not be bypassed.

That points to a stronger focus on process discipline than on new software or technical spending. For many organisations, the immediate issue may be ensuring that temporary cover arrangements do not weaken approval standards for transfers, supplier changes, or access permissions.

D'Mello said preparation remains the most effective response.

"Preparation is far more effective than reacting after an incident has occurred. Businesses don't need to introduce complicated new controls every summer, but they should review how critical decisions will be made while colleagues are away. Clear approval processes, simple escalation routes, and ensuring employees know which controls should never be bypassed can significantly reduce the opportunity for fraudsters.

"Summer should be a time when people switch off from work, not when businesses inadvertently switch off the safeguards that protect them. A little planning before the holiday season can make a significant difference if criminals attempt to take advantage of reduced staffing levels," said Neil D'Mello.