In order to confirm authentic email addresses that can be utilized in future phishing and spam operations, fraudsters are now employing false unsubscribe spam emails.

In these emails, spammers merely ask if the user wants to unsubscribe or subscribe. The emails don’t give any further information on the things you are unsubscribing or subscribing to and are being used by hackers to check whether the receiver’s email is valid and vulnerable to phishing attacks and other malicious activity.

The “confirmation” emails use mail subjects, such as “We_need your confirmation asap”, “Request, please confirm your unsubscription”, and “Verification.”

The email messages are rudimentary, with only colorful boxes containing links asking whether you would like to unsubscribe or subscribe.

confirmation unsubscribe spam emails

Source

If you click on the embedded subscribe/unsubscribe links, it will cause your mail client to create a new email that will be sent to several different email accounts under the hacker’s control.

When users send this email, they think they will be unsubscribed from future emails, but the truth is that spammers check if their email addresses are valid.

A test conducted by BleepingComputer showed that their response to different confirmation emails with subscribe or unsubscribe led to their newly created account becoming swamped with spam emails.

This test further confirmed that spammers are using these subscribe/unsubscribe emails to filter their mailing lists and check email accounts vulnerable to these types of scams and phishing attacks.

The best thing to do when receiving an email that asks you to subscribe or unsubscribe is to disregard it and mark it as spam.

Heimdal Official Logo
Email communications are the first entry point into an organization’s systems.

Heimdal™ Email Fraud Prevention

Is the next-level mail protection system which secures all your incoming and outgoing comunications.
  • Deep content scanning for attachments and links;
  • Phishing, spear phishing and man-in-the-email attacks;
  • Advanced spam filters to protect against sophisticated attacks;
  • Fraud prevention system against Business Email Compromise;
Try it for FREE today Offer valid only for companies.

Unfortunately, there is no way to keep yourself completely protected from phishing attacks. They are inevitably going to happen, however, you can be careful about the emails, phone calls, SMS that you receive and not click any suspicious links.

Also, it is not recommended to open any attachments or provide personal information on a pop-up screen. Authentic companies don’t request the user to enter private data inside a pop-up.

featured photo for heimdal news
2021.05.31 QUICK READ

Phishing Victims are Urged to Send their Mailing Address to Hackers Posing as Walmart

2019.07.24 SLOW READ

What Is Spear Phishing and How Do You Prevent It?

Detecting and Preventing Phishing
2018.07.25 SLOW READ

The ABCs of Detecting and Preventing Phishing

Comments

Please unsubscribe me

Leave a Reply

Your email address will not be published. Required fields are marked *

GO TO TOP