Con Watch: The Dangers of the Unsubscribe Link

Think twice about clicking that “unsubscribe” link at the bottom of that email. You might get more than you bargained for.

Unsubscribe

Weekly Newsletter

The best of The Saturday Evening Post in your inbox!

SUPPORT THE POST

Steve Weisman is a lawyer, college professor, author, and one of the country’s leading experts in cybersecurity, identity theft, and scams. See Steve’s other Con Watch articles.

Most of us get far more emails than we wish to receive. Much email contains solicitations and advertisements that clog up our inboxes and require constant attention to delete, which is why you may be tempted to click on the “unsubscribe” link at the bottom of the email.

Don’t do it.

While the unsubscribe link is probably safe when it comes from a company that you are sure is legitimate, you could run into serious problems if the unsubscribe link is in an email from a scammer. The problem is that when you click on the unsubscribe link, you run the risk of either inadvertently downloading malware on to your computer or providing personal information that is used to make you a victim of identity theft.

Equally troubling is the fact that when you click on an unsubscribe link, rather than reducing the amount undesired emails, you may very well end up getting more spam and malware-infected emails than ever before. In clicking the “unsubscribe” link, you just verified that your email address is legitimate. The scammer will now be sure to include it in email lists that they’ll sell to other scammers.

Some of us may be lulled into a false sense of security when it comes to potential threats sent to us electronically because we have good, strong security software on our computer as well as all of our other electronic devices such as phones, laptops and tablets. However, even if you have the best security software and install security updates on all of your devices as soon as they become available, you are not completely protected. The most expert cybercriminals are constantly exploiting previously undiscovered vulnerabilities in the software we all use. These are called Zero Day Defects, and the best security software will not protect you from them. It generally takes at least a month from the time that such defects are first used by cybercriminals until the security software companies and the makers of other software programs come up with security patches to protect you from them.

When it comes to recognizing whether an email with an unsubscribe link is legitimate and can be trusted, I urge you to remember my motto, “trust me, you can’t trust anyone.”

To determine whether or not an email is truly from a legitimate company, you can check out the email address from which it is sent. If the email address of the sender appears unrelated to the “legitimate” company from which the email appears to come, it is an indication that it is a scam.

Even if the email address of the sender appears to come from a legitimate company, you are better off just using your email provider’s option to block or mark the email as spam in order to prevent further such emails. While some cybercriminals who send mass scam emails take the lazy way out and use botnets to send the emails, other more knowledgeable cybercriminals will create email addresses that to the untrained eye appear to be legitimate. So, although it may seem like a waste of time, an effective and simple way to deal with the unsubscribe link is to ignore it and merely delete unwanted emails.

Featured image: Shutterstock

Become a Saturday Evening Post member and enjoy unlimited access. Subscribe now

Recommended

Comments

Your email address will not be published. Required fields are marked *