“British technology group Tif recently warned that thieves could be buying huge lists of e-mail addresses and sending mass mailings in the hopes of receiving auto-replies to find out who could be on vacation.
“Then, after obtaining the e-mails, thieves could cross-reference them with publicly available personal information to find the vacation-goer’s name, telephone number, and address.”
The report said that the U.S. Justice Department and the Federal Bureau of Investigations (FBI) currently do not have any investigations of such crimes underway, but that the FBI watch section “has some indication that there might be some of this activity.”
Mark Rasche, vice president of cyber-security firm Solutionary, told the news agency that there is some expectation with e-mail that people respond as soon as possible so not using an “out of office” auto-reply is out of the question. He recommended that computer users make their out of office replies as vague as possible and that having an e-mail address that is not associated with your name and having an unlisted home phone number can help too.
Tif’s information security group also suggested users redirect inquiries to another colleague, and refrain from giving out details like personal contact information or job title in such replies.
April 2003 Render