Every year, without fail, December becomes the most profitable month for payment-fraud gangs. The pattern is so consistent that it barely qualifies as a trend anymore. Companies close their books, rush through backlogs of invoices, cover for colleagues on leave and navigate inboxes flooded with last-minute requests. In that environment, even well-run finance teams are less likely to investigate a fake bank detail change or scrutinise a suspiciously written email. Fraudsters know this — and they prepare months in advance.
What makes this period so vulnerable is not a single point of weakness, but a predictable combination of human and operational factors. Many year-end payments are genuinely urgent, so teams working at pace develop a mental model wherein ‘speed equals helpfulness.’ The psychological effect is subtle: an email framed as a last-minute request from a supplier or senior colleague feels plausible and gets processed quickly. This is exactly what attackers count on. They study payment cycles, mimic writing styles and time their messages for maximum pressure. By the time a misdirected transfer is spotted, the funds have usually been withdrawn or layered across accounts around the world.
The other failure point is verification fatigue. Most organisations have sensible processes on paper — call-backs, segregation of duties, dual approvals — but these safeguards rely on perfect conditions. In December, conditions are rarely perfect. People covering holiday absences may not know a supplier’s usual contacts. Managers who would normally approve payments carefully are in back-to-back meetings. Employees working remotely for part of the month may not have access to the full context of a fee request. A simple “can you update our bank details for this invoice?” message slides through because everyone assumes someone else has checked it.
The result is a type of fraud that feels both preventable and inevitable. Preventable, because the scams themselves are rarely sophisticated; inevitable, because attackers exploit human behaviour rather than technology. They win by getting organisations to bypass their own rules.
Breaking the payment fraud cycle
Breaking this cycle requires a different mindset. Prevention must be built around the moments when teams are statistically most likely to slip — which means planning specifically for end-of-year pressure rather than treating December like any other month. The companies that avoid losses are not the ones with the most complex tools, but the ones that reduce ambiguity. They make it easy for staff to know which requests deserve additional scrutiny, communicate clearly about expected supplier changes before the holiday period, and implement strict cut-offs for non-essential payments. What’s more, they empower finance staff to slow down approvals without fear of being perceived as obstructive.
A cultural adjustment matters just as much as any control. Employees need to feel that caution is valued during peak-risk periods. When teams understand that attackers deliberately target December because it is stressful, they are more likely to pause, question and verify. Psychological readiness turns out to be one of the strongest defences.
It is also important to recognise how quickly fraud techniques evolve. Attackers increasingly use convincing domain spoofing, AI-generated messages and stolen supplier templates. These tactics reduce the traditional ‘red flags’ that finance teams were trained to look for. The absence of obvious mistakes no longer means a request is legitimate. The only reliable backstop is a real-world verification step, ideally by phone, using a number sourced independently rather than from the email itself.
Businesses are under no illusion that December will get any quieter. Economic pressures mean many companies are processing more payments with leaner teams. Hybrid work introduces further complexity. As such, festive-season payment fraud campaigns aren’t going to disappear. But sharper preparation — and a recognition that attackers design their scams around human behaviour — can meaningfully reduce losses.
Fraudsters count on December chaos. Organisations that refuse to rush, even when everything around them accelerates, are the ones that keep control of their payments when it matters most.
Patrice Bouexel is a general manager at Sis ID.