Featured Image Credit: SEAN GLADWELL via Getty
Getting spam emails from places you have no interest in is one of the more frustrating parts of the online experience, yet tech experts have warned against blindly unsubscribing from these as it could lead to something far more dangerous.
We've certainly all been there - you signed up for a newsletter over a decade ago and somehow your email account is still getting weekly or even daily updates.
It becomes easy enough to ignore after a certain amount of time, especially if your unread emails have piled into the thousands over the years, but it's probably got to the point where it'd best for all parties if you just simply hit the unsubscribe button.
However, while you might think that doing so would not only free up your inbox but also protect you from any spam, tech experts have revealed that cybercriminals are now hiding sophisticated attacks through these unsubscribe buttons, meaning you might want to think twice before going ahead with it all.
Advert
As reported by TechCrunch, DNSFilter CTO TK Keanini has outlined the worrying cybersecurity risks associated with the otherwise harmless unsubscribe button at the bottom of most emails, warning that this has now become a route for bad actors to attack.
He outlines that roughly one in every 644 clicks of the unsubscribe button can lead to a potentially malicious website, and while that number might seem small in isolation, it becomes incredibly worrying when you think about the number of emails that the average person receives.
In an interview with the Wall Street Journal, Keanini reveals that there's always a risk with links that take you outside of the otherwise safe email client, and something as simple as confirming that your email address is active could provide the trigger for cybercriminals to start their action.
Links can also lead to phishing websites designed to mimic an authentic unsubscribe page, and these can prompt you to enter your login details or even install malware onto your device in the worst case scenario.
As a general rule of thumb you should never have to enter your password in order to unsubscribe your email from a website, so if a website ever asks for it then it's highly probable that you've clicked on a malicious link.
Additionally, websites do sometimes ask you to re-enter your email in order to confirm the process of unsubscribing and this isn't inherently a bad sign, but you might want to try and avoid this process if you can and see if there's an unsubscribe prompt within the email client itself.
If that isn't an option, your best course of action is to either put up with the emails and ignore them as best you can, or mark them as spam within your email client which can lead to a blacklist after repeated offenses.
While phishing attempts through unsubscribe buttons are rare, especially from reputable sources, it is still something to be aware of when you're going through the process as many people won't have even considered it to be a risk in the first place.
