Cybersecurity experts are raising concerns over a new scam that relies on deceptive unsubscribe links to verify active email accounts, paving the way for potential phishing attacks or information theft. According to a report from The Wall Street Journal, clicking on “unsubscribe” links in suspicious emails could compromise your device and personal data.
These links often redirect you away from the protected environment of your email app into potentially hazardous corners of the internet. TK Keanini, Chief Technology Officer at cybersecurity firm DNSFilter, compares it to stepping into the untamed frontier of the online world.
At the heart of the scam is a tactic known as email address collection. Cybercriminals insert tracking code into unsubscribe buttons to detect when someone clicks, which serves as proof that the email account is active. Once verified, these email addresses are labeled as “live” and can fetch a premium price on black market forums.
As per analysis from DNSFilter reveals that approximately one out of every 644 unsubscribe links has the potential to direct users to a harmful site.
Follow these easy tips to stay safe when trying to unsubscribe from emails:
Use the built-in unsubscribe feature provided by your email service (like Gmail or Outlook), which lets you opt out without leaving your inbox.
For emails that seem suspicious or come from unfamiliar sources, mark them as spam instead of clicking any links.
Don’t click on unsubscribe buttons in emails from senders you don’t know or fully trust.
Protect your identity by using privacy tools like Apple’s “Hide My Email” or browser add-ons available for Chrome and Firefox that shield your real email address.
Regularly update your email app and antivirus software to defend against the latest security threats.
