4920 Constellation Drive
White Bear Township, MN 55127-2218
firstname.lastname@example.org | 651.407.8555
Using “Unsubscribe” links might seem like a good way to prevent junk emails from cluttering your inbox but doing so is risky. Here are four reasons why you should avoid clicking “Unsubscribe” links in emails.
If the junk emails in your inbox seem to multiply as fast as the dust bunnies under your bed, you might be tempted to clean house by clicking the “Unsubscribe” link found on many of them. However, that’s one temptation you should resist because it can lead to unfortunate consequences.
Here are four reasons why you should avoid clicking “Unsubscribe” links in emails:
When you click “Unsubscribe”, you are letting the email’s sender know that your email address is valid and actively being used. Further, it lets the sender know that its email piqued your interest enough for you to open and look at it. While this information is relatively harmless in the hands of legitimate organizations, it will probably prompt shady groups to increase rather than decrease the amount of mail they send to you. They might also sell the information to the highest bidder, which could lead to even more junk mail.
When you unsubscribe, you might be unwittingly sharing information about your device and what is on it. The type of information depends on how the unsubscribe system works.
Some systems open a web browser window and load a specific web page when you click the “Unsubscribe” link. When you visit the page, the website’s owner can learn a lot about your device, including its location (based on the IP address), the operating system that is installed, and which web browser is being used. The owner might also place a tracking cookie on your device, which allows them to identify you if you visit any website they own.
Less telling information is shared by systems that send unsubscribe requests via email (i.e., the “Unsubscribe” link opens an email window). Every email you send includes metadata hidden in the message header. This metadata can include details about the anti-spam software you are using as well as the name and IP address of the email server that sent the message.
If the data about your device and the software on it falls into hackers’ hands, they could potentially use it to devise cyberattacks against you. The attacks would have a better chance of succeeding because they would target the specific software your device is running.
For years, cybercriminals have been creating phishing emails that try to trick recipients into clicking an “Unsubscribe” link. People who fall for the ruse are often sent to a web page that downloads malware on their device or steals the personal data they enter into a form.
For example, in October 2020, a new unsubscribe phishing email scam was making the rounds. Cybercriminals sent out emails that included the message “Your subscription to our Adult Dating list has been confirmed. For your records, here is a copy of the information you submitted to us”, which was followed by the email recipient’s name and email address. The message went on to say that they could unsubscribe from the list if they didn’t want to receive emails from the adult dating site. All they needed to do was click the “Unsubscribe” link, which sent them to a malicious website.
The Best Way to Get Rid of Junk Mail
The best way to get rid of the junk mail in your inbox is to mark the message as spam in your email program. That way, any emails you receive from that sender in the future will be automatically sent to the junk folder.
Web Browsing Flurry flickr photo by JoeHart42 shared under a Creative Commons (BY) license