Beware of what you click
Think twice before hitting the “unsubscribe” button in that annoying spam email, cybersecurity experts say. “Just like any business, spammers want a high return on investment,” according to Charles Henderson, IBM Global Managing Partner and Head of IBM’s X-Force Red. Attaching a fake “unsubscribe” link is one of the best ways for spammers to make sure their email hits its mark. And by clicking on it, you could be falling for one of the many tricks that cybercriminals use to scam you.
It could direct you to a spam website
Cybercriminals often use phony “unsubscribe” links to bring users to malicious webpages. Even links with seemingly familiar URLs are not always safe, according to Henderson. “Spam emails continue to get better and better over time,” he says. “Spammers can create custom URLs, or use a popular URL with a slight typo to trick the user it’s a trusted site.” He suggests hovering over the link with your mouse before clicking. If the URL looks strange or is misspelled, mark the email as spam or junk through your email’s interface instead.
It could confirm your email address is active
Unsubscribing from junk emails may seem like a simple way to clean your inbox, but doing so could actually make the spam problem worse. By clicking on a fake link in a spam email, you might be confirming to the spammer that your email address is correct, active, and checked on a regular basis. From there, they could sell your contact information to other cybercriminals, gain access to more of your personal data, or any of these other alarming things a hacker can do when they have your email address.
You could receive even more spam
Once cybercriminals know that your email address is active, they are more likely to continue contacting you and plaguing your inbox with spammy emails. That said, it is perfectly safe to unsubscribe from newsletters or promotions from a legitimate company – as long as the link directs you to a trusted website, Henderson says. The law actually requires companies to include an unsubscribe option in both the email’s header and the body of the message, according to cybersecurity experts at Lastline.
Hackers can download malware
On top of compromising your email account, hitting the “unsubscribe” button in a spam email could also compromise your computer. Hackers might take the opportunity to download a virus to your PC or Mac instead of removing your email from their mailing list. If you accidentally click on a malicious link from a spammer, certified computer tech blog Rick’s Daily Tips recommends immediately blocking the email’s sender and running a malware scan on your computer.
Hackers can spy on and impersonate you
A virus or other malware on your computer can spell serious trouble for your digital privacy. “If malware is deployed, the spammers can often see everything you’re doing on your computer, including capturing keystrokes for your passwords and banking information,” according to Henderson. Then they can use that information to impersonate you online, he says.
Worried your PC or Mac might be vulnerable to hackers? Here are 9 ways your computer password will get you hacked.
What to do: Ignore untrusted emails
While you should breathe easy about unsubscribing from legitimate emails, you are better off ignoring anything questionable that lands in your inbox. Henderson suggests deleting untrusted emails or blocking them for good by marking them as spam or junk. “If you are still considering clicking a URL, before you do so, hover over it to see the website it’s directing you to and ask yourself if you trust it. If not, don’t click it,” he says.
What to do: Keep your email address private
Another certain way to protect yourself from spammers: Share your email address only when you have to. Posting it on public websites and forums will only draw unwanted attention to your inbox, Henderson says. That’s not all you can do to avoid falling victim to a digital scam.
Sign up here to get Reader’s Digest’s favourite stories sent to your inbox!