In general, it is better to unsubscribe from intrusive and unnecessary emails. But how can you be sure that the «Unsubscribe» link does exactly that?
In the article of The Wall Street Journal DNSFilter CTO T.K. Chianini warns against clicking on it recklessly — this action may expose users to additional risks and security issues.
The «Click to unsubscribe» link at the bottom of many commercial emails can be a trap. Users usually click on these links almost automatically in an attempt to stop the flow of spam, but the expert warns that every 644th click on the unsubscribe link leads to a malicious website.
Kianini says that there is no reason to trust spam emails and the links in them. Clicking instead of unsubscribing takes users from secure environment of their email client to the open Internet with all its risks.
At the lowest level of threat, clicking the «unsubscribe» button can help a cybercriminal check whether an email address is active. Once the user unintentionally confirms that their email address is valid and controlled, the attacker can increase the pressure on them through social engineering or more sophisticated tactics.
According to Michael Barguri, co-founder of security company Zenity, unverified unsubscribe links can also redirect users to phishing sites designed to steal passwords or personal data, or even to deploy malware. If a website asks for an unsubscribe password, do not enter it.
Charles Henderson, executive vice president of security firm Coalfire, added that while some legitimate, legitimate sites may ask users to re-enter their email address to confirm unsubscription, trust is a critical factor. If you don’t trust the company that sent the email, you shouldn’t trust the unsubscribe process it offers.
According to the three experts, one of the safest ways to unsubscribe is to use unsubscribe buttons that provided by postal services. They are usually displayed and are generally secure because they are not part of the email. Using disposable email addresses when signing up for new or questionable sites is also a good practice, although it can make online shopping or account management more difficult.
Spelling error report
The following text will be sent to our editors: