Thieves are using information contained in 'out of office' auto-reply emails and cross-referencing it with publicly available personal information to target empty houses.
The warning comes from UK blue chip user group The Infrastructure Forum (Tif), which uncovered details of the scam from a meeting of its members.
Criminals are buying huge lists of email addresses over the internet and sending mass-mailings in the hope of receiving 'out of office' auto-responses from workers away on holiday.
By cross-reference such replies with publicly available information from online directories such as 192.com or bt.com, the burglars can often discover the name, address and telephone number of the person on holiday.
Tif is advising users to warn their staff to be careful of the information they put in their 'out of office' messages.
"You wouldn't go on holiday with a note pinned to your door saying who you were, how long you were away for and when you were coming back, so why would you put this in an email?" said David Roberts, chief executive at Tif.
"Email is the most popular form of office communication but many people forget that the information contained in these messages can get into the wrong hands," he added.
Tif's information security group has drawn up guidelines to avoid falling victim to the practice, including keeping messages bland, redirecting enquiries to another colleague, not giving out your job title, not saying you are away on holiday and not putting personal contact details in your email.
Australian government to require technology and communications companies to provide access to messages
New bill avoids demanding 'backdoors' in encryption, but includes measures to compel companies to provide access to encrypted communications
Indonesian overclocker Ivan Cupa (with the aid of a lot of liquid nitrogen) achieves record overclock on AMD's latest Threadripper
Ssupermassive black hole is so big it corresponds to four per cent of the galaxy's total mass
Imminent attack will target a single bank with cloned cards used to fraudulently withdraw millions over one weekend