Beware of what you click
Think twice before hitting the “unsubscribe” button in that annoying spam email, cybersecurity experts say. “Just like any business, spammers want a high return on investment,” according to Charles Henderson, IBM Global Managing Partner and Head of IBM’s X-Force Red. Attaching a fake “unsubscribe” link is one of the best ways for spammers to make sure their email hits its mark. And by clicking on it, you could be falling for one of the many tricks that cybercriminals use to scam you.
It could direct you to a spam website
Cybercriminals often use phony “unsubscribe” links to bring users to malicious webpages. Even links with seemingly familiar URLs are not always safe, according to Henderson. “Spam emails continue to get better and better over time,” he says. “Spammers can create custom URLs, or use a popular URL with a slight typo to trick the user it’s a trusted site.” He suggests hovering over the link with your mouse before clicking. If the URL looks strange or is misspelled, mark the email as spam or junk through your email’s interface instead.
It could confirm your email address is active
Unsubscribing from junk emails may seem like a simple way to clean your inbox, but doing so could actually make the spam problem worse. By clicking on a fake link in a spam email, you might be confirming to the spammer that your email address is correct, active, and checked on a regular basis. From there, they could sell your contact information to other cybercriminals, gain access to more of your personal data, or any of these other alarming things a hacker can do when they have your email address.