Getting email you didn’t sign up for? Don’t unsubscribe—it might be a scam
Image: Justin Morgan / Unsplash
Unwanted email is a daily part of life. How you deal with it could put you at risk, though. Handling it the “right” way by clicking on an unsubscribe link or button could actually send you to a phishing or otherwise dangerous site.
The reason: For years, the advice was to unsubscribe from email lists—even those you hadn’t signed up for. The thought was that your data got sold to a legitimate business, so they would heed the requests to get off their mailing lists.
But more commonly now, scammers and would-be attackers are using email lists as a way to try to sneak data from you without you knowing. Some may just be verifying that the email address is valid—and if the recipient is willing to interact with spam. A hacker could then build a profile about you, in order to try to successfully scam you through tactics like social engineering.
Other false unsubscribe links could aim to steal data from you, like through phishing sites designed to capture login information. (If a website ever wants your password to unsubscribe, stop immediately and close that tab!) Malware downloads are also a possibility, though less likely according to experts interviewed by the Wall Street Journal.
Still, the same WSJ article also notes that one in every 644 clicks on unsubscribe links sends individuals to shady sites. So what do you do, if unsubscribing from an email is a dangerous proposition? You have three options:
- If the website is a known, legitimate site: Open a fresh tab in your browser, then use a search engine to find the site’s unsubscribe page. Or, if you have an account with the site, log in and look for a “Manage communications preferences” section in your account settings.
- Mark the message as spam. You can also block the sender if it’s obvious it’s a junk account.
- Create a filter for email with that subject line (or style of subject line) that sends such messages straight into the trash. (Example: “Get 50%off specislty items!” is something that flooded my work inbox for a while until I filtered by subject instead of sender.)
In addition to being more careful about unsubscribe links, also keep your antivirus software up to date—for the times you accidentally forget, or you decide to trust an email that turns out to be malicious, it’ll help provide protection.
Author: Alaina Yee, Senior Editor, PCWorld
A 14-year veteran of technology and video games journalism, Alaina Yee covers a variety of topics for PCWorld. Since joining the team in 2016, she’s written about CPUs, Windows, PC building, Chrome, Raspberry Pi, and much more—while also serving as PCWorld’s resident bargain hunter (#slickdeals). Currently her focus is on security, helping people understand how best to protect themselves online. Her work has previously appeared in PC Gamer, IGN, Maximum PC, and Official Xbox Magazine.
