These attacks, says GFI Software, saw users being targeted with a variety of infected email, web links and other delivery mechanisms promising festive information, discount offers, Christmas e-cards and free software.
The month also, says the IT software vendor, saw the big movie release of the season, Disney's Tron Legacy, targeted by a wide array of search engine poisoned links, unwanted installs and other malware fakery, whilst a spate of fake iTunes emails caught several people off guard, resulting in users falling foul of a malicious script that took advantage of a known Java exploit.
GFI says its research team even uncovered an Amazon receipt generator scam aimed at fooling retailers during the busy holiday shopping season into honouring fraudulent receipts.
Seven of the top 10 malware detections during December were trojans, with those seven accounting for almost 35% of all malware detections for the month.
In addition to a range of Trojans, says GFI, worms also created major problems during December. The most significant was Worm.Win32.Downad.Gen, which appeared at number seven in December's top 10, a detection for the Downadup worm, otherwise known as Conficker and Kido.
Tom Kelchner, GFI's research analyst, said that, following on from the increased themed threat traffic his researchers saw in November around Thanksgiving, Black Friday and Cyber Monday, criminals once again attempted to take advantage of the Christmas holiday season with themed attacks designed to drive users towards infected sites and to trick them into opening infected email and executables.
"Themed attacks, along with themed search engine poisoning and fake application installs, are firmly established as a successful means for malware creators to distribute malcode and create disruption for organisations and families alike", he said.
Kelchner added that December is a challenging month for computing security, with many businesses shut for a prolonged period and consumers at home for the holidays.
"Casual computer use rises and vigilance can drop, creating opportunities for malware infection that would otherwise not happen the rest of the year. The top 10 serves as a stark reminder that IT security should not be taken for granted at any time", he said.