Tom Raftery writes about the default “out of office” message handling of Exchange and explains why it can be a security risk:
It is entirely possible to spam a company (or more likely companies), do automated searches for Out of Office Replies, cross reference them with phone book entries, and then burglarise houses secure in the knowledge that “Sally is on holidays in Bali until the 15th!”.
Now does that sound familiar? I myself wrote on June 16:
I had prepared two posts in WordPress and set a creation date in the future so that they should give the impression that I’m on-line. National law forces me to put my full address onto the imprint of this site and I was afraid of burglars who would – ahem – read this blog. I know it’s far fetched but similar incidents have been reported before…
Seems I’m not THAT paranoid after all…