top of page

Is Your Holiday Out-of-Office Reply a Security Risk?

With Christmas and the New Year around the corner, many of us will be taking time off to be with family.   While there are many things to love about this time of year, we must also be aware that we are in prime season for phishing and impersonation. This is in large part due to the abundance of information found in out-of-office replies.

Many times, with good intentions, we include the dates we are leaving and returning, contact information for a supervisor or co-worker, where we are going, and even a mobile number where we can be reached. Sometimes the best intentions can turn around to bite you. These pieces of information can be used as leverage for phishing and impersonation attempts.  Here are a few tips for writing a safe out-of-office reply:

  1. Instead of using exact dates, use broader verbiage such as, “early in January” or “later this week”.

  2. While it’s okay to mention that you can be reached by mobile, don’t give out your mobile number.

  3. Don’t include details of where you are going over the break.

  4. Avoid providing insight into the chain of command

  5. Set a separate automatic reply for anyone outside of your organization. 

  6. Set replies to only go to senders in your contact list. 

The key is to avoid oversharing.

Following these best practices will help your organization stay safe and worry-free as you enjoy the holiday season.  Merry Christmas from our team at runbiz™.

bottom of page