Bleeping computer tried to check if it's true or not- scammers are using your action of unsubscribing from a newsletter as confirmation to the fact that the email address is an active one.
As soon as the user clicks on UNSUBSCRIBE button, the scammers mark it and sign it up for future spam and fraudulent mails.
Fellows at bleeping computer tried to see the whole thing in action by using couple of throwaway email IDs, they discovered that it would link other email addresses and that the test accounts would be flooded with spam mails once the button is clicked.
We are always taught to never open or click on a link related to a spam/unknown mail- that is like email 101.
But in this case, users can simply mark the subscription provider as spam rather than unsubscribing.
Top comments (7)
I'm pretty sure people have been warning about this for 20 years.
Only use the "unsubscribe" feature of something you deliberately signed up for. Anything else is spam, so delete it or report it. This is important: even if it looks like a legitimate company, if you didn't ask for it, it's spam.
Even though all this is pretty basic, people who are not tech savvy actually get trapped by these scammers pretty often which means awareness is lacking.
I've often wondered about this.
Do you think the Gmail-generated unsubscribe link above the email message has the same effect of informing spammers of a live email address?
The unsubscribe button in gmail actually looks for unsubscribe links and processes them when you click that button, it is just a shortcut so it has the same effect unfortunately.
There is a service called sanebox that has a feature called "black hole" that actually just hides the emails you receive (sends them to a trash folder) rather than unsubscribing you to protect you from this very problem!
Pretty cool !
Definitely something that Hey (hey.com) helps with.
Looks pretty cool !