Recently we received an “out of office” email response from an IT person at a prospective company that contained a lot of information that a hacker could use to help them penetrate the organization.
Here is that response (name of person and company removed):
– I will be out of the office Monday February 24th returning Monday March 4th. I will be checking my email periodically to ensure no urgent requests go unattended. If you are in need of immediate assistance, however, please utilize the contacts provided below. I will do my best to ensure I respond in a timely manner to all requests.
– If you are experiencing an urgent issue with your Halo POS terminal, please contact Halo Support at 1-888-778-4256.
– If you are experiencing an issue with your gift or loyalty cards, please contact Valutec Support at 1-855-325-9015 or after hours 1-800-509-0625, select option 2.
– If you are experiencing issues with your credit card processing, please contact Mercury Payment Systems Support at 800-846-4472.
– I will be checking my email periodically, however please utilize these support teams for your urgent needs. They are all available 24/7 365 to ensure your location is always ready to rock and roll.
Hackers equipped with this kind of knowledge, especially multiple pieces of information like those in the automated email response above, can often use it to obtain additional access: from the 3rd party support vendors by appearing to be an employee of the company, or from employees by appearing to be someone from a 3rd party support organization. They can also use known vulnerabilities in the systems in use at the company to more easily meet their “urgent needs” to really “rock and roll” your stores. Penetration testers doing compliance work use such techniques often.
So be sure you only send such responses to internal company contacts and keep the information that you send to email addresses outside the organization to a minimum.
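One way to apply this advice, as an added example that is not part of the original post: pick the auto-reply by sender domain and audit whatever goes to outside addresses for the kinds of detail quoted above. The domain `example.com`, the function names, the minimal reply wording and the heuristic patterns are assumptions, and the sender address is assumed to have been authenticated by the mail system already.

```python
import re

INTERNAL_DOMAINS = {"example.com"}  # placeholder for the company's own mail domain

# Excerpt of the auto-reply quoted in the post.
FULL_REPLY = (
    "I will be out of the office Monday February 24th returning Monday March 4th. "
    "If you are experiencing an urgent issue with your Halo POS terminal, "
    "please contact Halo Support at 1-888-778-4256. "
    "If you are experiencing issues with your credit card processing, "
    "please contact Mercury Payment Systems Support at 800-846-4472."
)
# Constructed minimal wording for senders outside the organization.
MINIMAL_REPLY = "I am out of the office and will respond when I return."

# Heuristic patterns for the details the post warns about; not exhaustive.
LEAK_PATTERNS = {
    "absence_dates": re.compile(
        r"\b(?:Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)[a-z]*"
        r"\s+\d{1,2}(?:st|nd|rd|th)?\b"),
    "phone_number": re.compile(r"\b(?:1-)?\d{3}-\d{3}-\d{4}\b"),
    "vendor_support": re.compile(r"\b(?:[A-Z]\w*\s+){1,3}Support\b"),
}

def leaks(text):
    """Return {category: [matches in order of appearance]} for categories found."""
    found = {}
    for name, pattern in LEAK_PATTERNS.items():
        hits = [m.group(0) for m in pattern.finditer(text)]
        if hits:
            found[name] = hits
    return found

def select_reply(sender):
    """Full reply only on an exact internal-domain match; minimal otherwise."""
    domain = sender.rsplit("@", 1)[-1].strip().lower()
    internal = domain in INTERNAL_DOMAINS  # exact match, so lookalike suffixes fail
    reply = FULL_REPLY if internal else MINIMAL_REPLY
    # Fail closed: never send an external reply that still trips the audit.
    if not internal and leaks(reply):
        raise ValueError("external auto-reply contains sensitive details")
    return reply

if __name__ == "__main__":
    for category, hits in leaks(FULL_REPLY).items():
        print(category, hits)
    print(select_reply("partner@vendor.test"))
```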