HELLO! My house is ready for burglars
Introduction
"HELLO! My house is ready for burglars", is not what you would typically shout in public or write as an advertisement in the local newspaper. Nevertheless this is exactly what lots and lots of computer users do on a regular basis, without reflecting upon what they really do.
The Easter holidays that are just behind us, is a typical example of when one is tempted to inform everyone that his/her home is ready for access by those with illegitimate intent.
Always on-line
To an increasingly larger extent we are "always on-line".
More and more homes get permanent connections to the Internet, and workers have access to their job systems from home (and often work from there outside normal working hours). The line between mobile phones and traditional computers is getting increasingly blurred as the former have more and more applications available. Your friends and business colleagues may therefore normally reach you almost around the clock.
However, sometimes you go on vacation where access to the Internet may be more cumbersome or even non-existent, and/or you do not want to be bothered by work-related requests.
You ARE helpful, though
Your colleagues and friends are used to getting instant replies to emails sent to you. Being the nice person that you are, you of course set up your email system with an autoreply informing all who send emails to you that you are on vacation and will not be back for answering emails before yyyy.mm.dd.
This information is of course not only sent to those with legitimate intent, but indiscriminately to everyone that sends you emails (spammers, identity thieves, collegues, friends).
"Lucky me - I'm on a beach while you are stuck in the cold"
Social networks like Twitter, Facebook, LinkedIn, and several more, enable you to write information about your current activities and interests. Some users of such communities have taken this opportunity to the extreme, as they are convinced that their friends should know - and are interested in - when one brushes one's teeth, changes underwear, eats breakfast, is on the bus on the way home, and so on.
Even if you are not inclined to share that kind of to-the-minute exact information, you may feel that it is adequate to inform friends that during period so-and-so, you will be on vacation somewhere.
Depending on your setting in the social community you are a member of, this information may be available to several people - potentially everyone who is a member of that community.
Those who are bloggers may naturally publish similar information on their blogs, particularly if these blogs are of a personal character.
You expose yourself to potential trouble
Personal information about your whereabouts as exemplified above has its obvious usefulness. Some of the risks involved should however be almost as obvious, other not that apparent.
The obvious issue is that when you advertise (which is exactly what you do) that you are not in your house, burglars (first-time as well as experienced) will view your home as a potentially better target than any random house. At least the thieves know that one obvious obstacle to a successful heist is most likely not there. The calculating thieves will then move your home up on their ordered lists of targets.
Less obvious may be that when you are known to be away from your house, you are more exposed to identity theft. Your ordinary, old-fashioned mail may easily be intercepted, someone may order new credentials for e.g. access to your bank and get this by checking your mailbox while you are away.
See Norman's little green book on identity theft for more general information about stealing another person's identity.
In general, there are lots of potential hazards involved when it is known to criminals that your house is empty.
And the advice is...
Not surprisingly, the general advice is a usual one. Think before you inform the world about personal data (your whereabouts in this case).
- Everyone does not need to know that you are on vacation and/or where. It is possible to inform those who really need this information on a one-to-one manner.
- Evaluate whether information about your whereabouts is more important to publish than the risk you expose yourself to by making this available.
- Only share your personal information on social networks with persons you know and trust with that information.
- If you need to use - or company policy requires - out of office messages for the email system, use less precise information. The important message to those who send emails to you is not that you are vacating on the other side of the world and will be back 11th May. A message telling them that urgent requests should instead be sent to another email address, will often suffice.