This article has been indexed from E Hacking News – Latest Hacker News and IT Security News
Scammers send out fake ‘unsubscribe’ spam emails to validate legitimate email addresses for future phishing and spam campaigns.
Spammers have been sending emails that merely inquire if the user wants to unsubscribe or subscribe for a long time. These emails don’t specify what the user is unsubscribing or subscribing to, and spammers are using them to see if the recipient’s email address is real and vulnerable to phishing scams and other nefarious activity.
If they get the needed confirmation, they’ll bombard it with various spam emails. The campaign is simple in design – the victim will get a basic email with this call to action in it asking whether the consumer wants to unsubscribe or subscribe:
“Please confirm your Subscribe (sic) or Unsubscribe. Confirm Subscribe me! Unsubscribe me! Thank you!”
If the user clicks on the embedded subscribe/unsubscribe links, the mail client will generate a new email that will be forwarded to a large number of different email addresses controlled by the spammer.
After sending the mail, users expect to be unsubscribed from future communications but they are, however, confirming for the spammers that their email address is real and under surveillance.
BleepingComputer created a new email account for testing purposes, which they never used on any website or service. When they responded to multiple confirmation emails received on an
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: Pay Attention: These Unsubscribe Emails Only Lead to Further Spam