Why mail out of office can be a security hazard

Mail out of office increases the chances of a cyber attack. Find out why auto-reply is dangerous to your computer

Mail out of office is a common practice among office workers, business owners and professionals. It is an automated response sent via email to all work messages that arrive when a person is away from the office for days, perhaps for vacation. The email contains personal information, including an alternate contact for emergencies.

In short, it may seem like a totally harmless practice, but in reality it's a great opportunity to transmit a computer virus. In fact, cyber criminals take advantage of out of office emails to attack computers. This happens because often these automated messages are not sent to a selected circle of people, but to anyone who sends an email to the mail address. In the absence of the owner, hackers could use the automated response to launch a dangerous cyber attack on several corporate computers.

Mail out of office: why is it a danger to computer security?

Automated email responses are widespread, but the risks are still poorly understood. For example, they represent a fertile ground for hackers.

It all starts because usually the automatic reply is sent to all people who write to an email address during the owner's absence. To test if an out of office email is active, it is enough to send a message and wait for the automatic reply.

At that moment, the user shows his vulnerability. There are many reasons for this. First of all, the automatic message contains several personal data: the name and surname, the period of absence from work, any alternative e-mail address or phone number to contact, as well as the signature that reveals the role of the person in the company. Spammers, after acquiring all this information, can act in several ways.

First, they record this data and start sending e-mails to the sender more and more assiduously, and even call any phone numbers in the message. That's not all: in fact, any information contained in the out-of-office email can be exploited to tailor spam or phishing emails, and thus even more deadly. For example, let's suppose that Mario Rossi goes on vacation for a week and sets up an automatic response inviting contacts to contact Luigi regarding the Pinco Pallino project. This email is also sent to malicious people. A few days later, Luigi receives an urgent e-mail from the manager of Pinco Pallino. Inside the message there is an attached file to download. Luigi will open it without too many thoughts, without knowing that the e-mail is actually harmful and the file hides a virus capable of infecting his computer. This is just one example: cyber criminals can use out of office emails in many ways.

How to defend against viruses?

First of all, it is important to select a close circle of contacts to whom you want to send an automatic reply when you are out of the office. Alternatively, you can notify customers of your impending absence with a message on WhatsApp or a phone call. In addition, any automated responses should not contain any third-party personal data or information that could jeopardize the safety of the company and its employees. Finally, it is important to adopt solutions that increase security on the mail server and nip phishing and spam attempts in the bud.