December is here and, with two weeks left until Christmas, many of us are starting to wind down at the office and getting ready for our time away or time at home.

The holiday season can bring out the best in people but unfortunately, it also brings out those who take advantage of the season. Online and phone scams about lost parcels, invalid addresses and more are more frequent due to the volume of parcels being shipped and shopping being done so we need to be on the look out but something your doing in the office could also unintentionally make you a part of these scams.

As we head off on our time away from the office, many employees are setting up their ‘Out of Office’ replies to ensure no client or customer is left in the lurch over the season but are they hindering themselves or your company in other ways? What did you include in your last Out of Office reply? Your out of office reply could unintentionally be giving away information to these scammers that you wouldn’t normally give.

Do you include your normal signature in your out of office? Do you also include a personal mobile for emergencies or another colleagues details? How much do you include about where you are going and for how long?

Each of these things are giving cyber criminals snippets of information allowing them to piece together ways to extract further information that could harm you or the company you work for.

What are the risks?

Are you off to a conference? Or are you off on an overseas adventure? Including where you will be when you are out of the office allows cyber criminals fake purchases in the same area you will be so as to not set off your bank. Alternatively, they could also impersonate you to your colleagues. Joh in the team has seen the consequences of the last one and it resulted in substantial financial loss.

Including another colleague in your email could direct cyber criminals in another direction if they require a response and also give them a way to impersonate you. For email spammers, this is also a gold mine as they now have your email address (confirmed as valid) as well as your colleagues/supervisors/etc email as well.

Handing out your personal mobile is always a risk, even when you aren’t going away but doing so allows cyber criminals to include you in other scam forms like RoboCalls and Bogus Text Messages and more. These sort of scams however deserve their own post of their own given how many there are.

Less is more…

When constructing your Out of Office this holiday season, be concise but brief in what information you put into your template.

Instead of saying the exact dates you will be away, use broader phrases such as ‘returning in the New Year’ or ‘late December/early January’. This will give clients or customers a rough idea of when you will return but won’t give those phishing a timeline of how long they have to act.

Want to make sure people clients or customers can contact you or your colleagues while you are away for urgent matters? Only mention that they can contact you on your mobile but don’t give out the actual number. If they don’t have it? Add that they can contact the office number and ask for your department and someone will be able to help.
Provided all these details are in previous email signatures and/or the office number is available through Google or your website, no one maliciously fishing for information is going to get it easily.

Last of all, remove your usual signature. Even with a very sparse message, your signature still gives away your full name, company name, company address, job title and potentially more…

Stay safe this holiday season!

Merry Christmas and Happy New Year from the team at Infinite Edge.