Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to unsubscribe.
The emails don’t specify exactly what the recipient is unsubscribing from, or why unsubscribing is necessary. Of course, the main purpose here is to verify that the email address is valid and that the recipient is susceptible to phishing scams.
Most of the emails in the current campaign contain two brightly colored icons, one green, that says, “Keep me subscribed!” and one red that says “Unsubscribe.”
Ultimately, it doesn’t matter which you click on. If you opt to stay subscribed, you’ll be emailed another “Verification” email that may ask you for additional personal information. If you click the link to unsubscribe, you’ll be sent a verification email asking why you’re leaving and of course, for additional personal information.
In either case, you’re playing into the hands of the scammers and self-identifying as a person susceptible to such things.
As ever, education is the best defense against this kind of thing. If you get an email like the one described above, your best bet is to simply mark it as spam and delete it. All reputable companies will clearly identify themselves and what, specifically, you are unsubscribing from.
If you do fall victim to this ploy, you can expect to be inundated with a wide assortment of phishing emails, which will invariably increase your risk. After all, the scammers only need to succeed once to make your life a living nightmare for months, and possibly years. You have to stay vigilant twenty four hours a day, seven days a week to protect yourself.