Why you should never hit 'unsubscribe' on an illegal spam email
Whatever you do never hit unsubscribe on an illegal spam email.
Article originally appeared on 02.02.21.
If you're like me, every morning when you check your email you find the same spam emails, even though you've unsubscribed what feels like hundreds of times.
Cannabis gummies? I unsubscribed to that yesterday.
Sketchy looking refinance company? Nope.
All-natural diabetes cure? I don't even have diabetes.
It seems like no matter how vigilant you are about hitting the spam button or moving these emails to your junk mail folder, the same ones keep coming day in and day out. Why is that?
Because these illegal scammers operate in the complete opposite way of legitimate marketers.
When you ask to be removed from a list by a law-abiding company, the emails stop. Let's say you signed up for a newsletter that no longer interests you or purchased something from an online retailer and are tired of its daily sales letter. By hitting the unsubscribe button you're usually taken off the list immediately.
That's because companies that are operating illegally are afraid of violating the CAN-SPAM laws put into place in 2003. These laws stipulate that "a visible and operable unsubscribe mechanism is present in all emails" and that "consumer opt-out requests are honored within 10 business days."
Dark web behind spam.
Now, when you open an email from illegal scammers, you may actually get more of their emails.
When these spam companies send you an email and you open it or hit unsubscribe, it confirms to them that your email address is viable. Most illegal spammers aren't targeting you specifically, they send millions of emails a day to random email addresses, some that they've fabricated out of thin air.
So by opening the email and hitting unsubscribe or reporting it as spam you are accidentally telling them, "I'm game."
"It's the wrong instinct cause of what ends up happening," Marc Maiffret, a former hacker, told NBC Chicago. "As soon as you hit unsubscribe, you're essentially saying x, y, z email address that had received it ... is active, there's actually somebody there."
Opening the email inbox.
What's worse is that by hitting the unsubscribe link at the bottom of the email you may be opening yourself up to attack.
"In reality, that's usually an indicator to increase the level of things they send to you. We even see when you click unsubscribe, it'll take you to a website and the website will actually try and attack against your computer," Maiffret explained.
So the best thing to do if you see a spam email is not to open it. Instead, mark the checkbox next to the email, and then hit the spam button. Spammers get reports on which emails were opened, so be sure never to do so.
But whatever you do never hit unsubscribe on an illegal spam email.
"Don't hit unsubscribe if you don't know who it's from," Chicago-Kent Law Dean Harold Krent, a privacy expert, told NBC. "[The spammers] don't know there's an active being behind that email until you respond in some fashion. Once you do, it's ripe for the selling."