Cynch Security

View Original

Six Dangerous Out of Office Replies

You’ve worked hard all year to meet your customer’s expectations. Just as those you rely on take time out every now and then, you and your team are also deserving of some time away from the demands of operating a small business. But radio silence on your emails may leave your customers and partners questioning what you’re up to. Fortunately the good old ‘out of office’ message is there to let them know you're away and assure them you’ll be back to business as soon as you return.

Sadly, these automatic messages can also be sent to anyone who contacts you via email while you’re away, including spammers and cyber criminals.

Here are six out of office reply examples that may put your business in danger these holidays.

Giving specifics around when you’re office will be empty can give someone a nice window of opportunity to visit it while you’re away. What damage could someone do if they had access to your office for a week?

With just a little bit of information, like where you’ve gone on holidays, scammers can target those you’ve left behind. How would your staff respond to someone claiming to be contacting you regarding you being in a hospital in Fiji and in urgent need of some money to cover medical expenses?

Knowing Ros is in charge of payments in your absence could be just enough for someone to provide a convincing reason for money to be transferred quickly to the wrong account.

Is your mobile number public information? Are you comfortable giving it to anyone with your email address, including all those spammers that hit your inbox each day?

Mark sounds like a lovely guy, but knowing you’re holidaying with him could give a crafty scammer some ideas on how to take advantage of your staff.

Would you expect your head of accounts to share their position with anyone that asks? Could someone take advantage of the fact that he’s away on leave?

This is actually a pretty safe message, but are you sure you want to confirm to someone that’s sent you a spam or scam email that the account they’ve targeted is real?


Out of office messages can be pretty handy, but as you can see there are a few things you need to consider before you start advertising to the world that you’re away. Here are a few things you can do to securely reply to emails while you’re offline:

  1. Don’t be specific. It’s fine to let people know you’re not going to respond as quickly as you usually would, but they don’t need to know it’s because you’re enjoying a white Christmas in Europe.
  2. Use generic alternatives for urgent contact. Instead of painting a target on one or more of your staff members, consider using a shared mailbox for urgent contact and asking your team to do the same.
  3. Don’t respond to everyone. If your email system allows for it, set up different responses for internal and external email addresses. In some instances you can also set it up to only respond to external email addresses in your contacts. This is a much safer option than just responding to anyone that happens to have or guess your email address.
  4. Notify instead. If you need to manage customer or client expectations, consider emailing them ahead of time instead, or posting a notice on your website. Just remember to only share what’s necessary, especially if you’re posting it publicly.


If you’re looking for more advice around how to protect your business email, sign-up for our up coming Secure Email Cyber Security Pathway.

 

Sign-up to our FREE 12 Days of Threatmas program for information and advice on how to deal with some of the unique cybersecurity threats your business may run into over the holiday period.