- Researchers warn about the “Unsubscribe here” in spam -e emails
- They can be used to redirect victims to malicious pages
- There are other ways to get rid of spam so users need to be on their guard
If you have received a spam -e -mail with a “unsubscribe here” button at the bottom, do not press it -it can do more harm than good.
This is according to TK Keanini, CTO for DNSfilter, who recently revealed that the pressure on such a button sends the recipient away from the security of the E -Mail client and into the open internet, where potentially malicious landing pages are lurking.
In fact, Keanini claims that one out of every 644 clicks can lead to a malicious site.
How can you unsubscribe?
Even if the click on the button does not lead directly to a phishing page, other subtle, more subtle, also lurking, too.
Keanini says hackers would often place it button just to see who clicks -which would also help them decide which e -mail addresses are active and thus worth targeting further.
The general rule of thumb seems to be – if you do not trust the company that sent the E email, you should also not trust the unsubscribe process.
So what is the alternative? The alternative is to unsubscribe by the E -Mail client itself rather than via the body of the e -mail.
Most email clients have “List-Unsubscribe headlines” that appear as built-in buttons and therefore do not include source code, Tom’s Guide explained. “If your E -Mail -Header does not contain a link, you can respond to your spam filters or try to blacklist the sender instead,” the publication explained further.
Those who do not have these options can use disposable -e -email addresses when they sign up for different services. Most E -Mail services providers also allow users to create thrown E -mail addresses. E.g. Gmail has a feature called “Plus addressing” or “Gmail aliases” which allows users to change their address by adding A + and a tag before @gmail.com address.
That way, the E -mail address used during registration could be [email protected]. Messages still arrive in the inbox, but they can be easily traced or filtered.
Via Wall Street Journal
