Easy to implement, cost effective, the security by obscurity is always a good temptation: running an application on a non-standard port is a good example (Apache binded on port 8080 instead of 80). But a simple nmap scan will immediately reveal the “hidden” server. Fail!
But, security by obscurity can also apply to non-IT domains. Here is an example of anti-theft system for cars or bikes:
Those fake-scratch stickers are available here. Funny but I’m not sure they will replace a good lock or alarm system. Think about it for your IT infrastructure!