Infosec Blog - UNSUBSCRIBE to SUBSCRIBE

    

August 30th, 2019

Like everyone else, you have probably received email messages that you don’t want (aka SPAM). If you open one of these obnoxious messages, you might be tempted to stop them by clicking on the unsubscribe link, which is usually present either in the email body or the subject. However, this might actually cause more problems for you instead of solving any. Whatever you do, do not click on these links!! You might be wondering “WHY?”  

By clicking on the unsubscribe link, you are not only confirming that your email address is valid and active, but you might also be giving the sender exactly what they want. By clicking the link you could allow the hacker to:

  • Subscribe you to additional SPAM lists - Clicking on one link will make the attacker assume that you are likely to click on more links, so they will subscibe your email address to additional SPAM lists which will dramatically increase the amount of SPAM and malicious emails that you receive in your mailbox.
  • Install malware on your machine - This malware could then be used by the hacker to access data on your machine, lock all your files in exchange of ransom, use your machine as a launchpad for more sophisticated cyber-attacks, or install a keylogger on your machine.

Some SPAM emails might require you to reply with the word “UNSUBSCRIBE” in order to remove you from their list. We strongly recommend that you do not do this unless you know and trust the sender. Your email will contain meta-data which could provide the hacker with information about your email provider/software, making it easier for them to misuse your credentials or hack your account.

You might be wondering why do attackers do this? The short answer is “MONEY”. The attackers are harvesting email addresses/credentials which they can later use for more lucrative scams or they can simply sell them on the black market.

 

How to Handle these spam/junk emails?

The best way to handle these junk emails is to simply delete them from your inbox without opening and mark them as spam. Marking these emails as spam will not only remove the email from your mailbox but it would also help your email software better learn the trends about spam emails and help to keep your inbox clean by redirecting such emails in future to junk folder directly without your manual intervention.

If you accidentally open an unsolicited message, simply delete it and run an anti-virus scan just to be sure.

 

Written by: Satnam Singh Deol (Cyber Security Analyst, Information Security)