“Unsubscribe” Phishing Scam

By:  |  Category: Blog Thursday, August 8th, 2019  |  No Comments

According to BleepingComputer, an old email phishing campaign that has been going on for a long time has surged once again,

The phishbait in the subject line will look something like this: “Confirm your unsubscribe request,” or: “Client #980920318 To_STOP_Receiving These Emails From Us Hit reply And Let Us Know.

The email doesn’t actually mention the specifics of what email you are requesting to have your subscription removed, but they really do want to hear from you.

If you receive one of these emails, simply delete it as you would any other spam. Should you accidentally click on the “unsubscribe” link or button the email offers, you will find that doing so composes an email message with no body text and the word “Unsubscribe” as the subject. It will be addressed to some fifteen-to-twenty recipients.

Why would “bad actors” want to do this? They are more than likely harvesting live email addresses, and live email addresses from nice people who are likely to open and act on other email messages they receive. Such lists can be used in other, more lucrative scams. They can also be sold on the black market to other criminals. In this case, unsubscribing will draw more spam, not less.

The trick may be an old one, but criminals will use any method that works. Sophistication is not their goal. Money is. This kind of scam can also cause problems for organizations whose well-intentioned employees might think they are relieving the organization of some burdensome spam.

EnhancedTECH recommends security awareness training to equip your employees with the ability to spot those pesky red flag phishing emails.

BleepingComputer has the story: https://www.bleepingcomputer.com/news/security/beware-of-emails-asking-you-to-confirm-your-unsubscribe-request/

Leave a Comment
Read previous post:
New Regulations Against Spoofing Texts and Robocalls

Sick and tired of all those robocalls? Not to mention the spoofing texts just waiting for you to errantly click....