Published: September 09, 2024 on our newsletter Security Fraud News & Alerts Newsletter.
Newsletters can be a very easy way to stay informed about news, events, special offers, and a whole lot more. But they also seem to appear in your inbox without your authorization, for a whole host of reasons. And if you don’t want them, often, clicking "unsubscribe" is enough to stop receiving them. But use caution. There are dangers lurking there too, including phishing attacks; and targeted ones at that.
If you no longer wish to receive these letters, you can usually easily unsubscribe from the newsletter by clicking on "Unsubscribe" at the end of the email. However, cybercriminals sometimes take advantage of this functionality too. How? Well, here’s how.
Phishing: Clicking on the “unsubscribe” link can be enough to install malware on your computer. If a newsletter is fake, for example, that "unsubscribe" link can also be dangerous.
Phishing links are designed to trick you into entering your personal data on the following pages. And often, when you click to unsubscribe, you are asked to enter your email address. In some cases, that information goes to a cybercriminal who uses it to send additional phishing attacks.
Spam traps: If you unsubscribe from a newsletter, you unintentionally let the criminal know that your email address is actively being used and thus make yourself a victim for further attacks of this kind.
Spammers usually send their newsletters to several million email addresses at one time. They do not know whether these addresses are correct. By clicking to unsubscribe, you’re confirming that their message got through.
Safely Unsubscribing
The next time you find an unknown or undesired newsletter in your inbox and want to unsubscribe, first do a quick check to see whether it is a fake one. If the newsletter shows up in the spam or junk folder or the message seems strange in some other way, you should be particularly careful and look out for the known phishing characteristics. These include typos, poor grammar, unknown senders, unexpected links or attachments, blurred graphics, or just a feeling that it’s not legit. It is much safer just to mark the email as SPAM or JUNK and not clicking on the unsubscribe. Many email services offer unsubcribe features that do not require you to click a link.
How’d They Get My Name
Most newsletters come from verified companies and do not contain any intended threats. However, with all of the recent data breaches that include email addresses, it’s getting more difficult to know which ones are legitimate companies and which ones are from cybercriminals. If you didn’t actively sign up for a newsletter, you can send it to the trash or block it. If you continue receiving them, report it to your email provider.
How to Protect Against Phishing Attacks
These tips should help you avoid becoming a victim of a phishing attack the next time a spam newsletter lands in your inbox.
If someone tries to get you to act with urgent demands, that is usually a sure sign of phishing.
Never enter your data anywhere hastily or click on links, but first check known phishing characteristics, such as a spoofed (faked) e-mail address behind the sender's name, typos, and generic greetings to name a few.
Be sure to use an anti-virus program and regularly check your browser, operating system, and all software for new security updates.
What to Do if You Have Opened a Phishing Link
Even if you haven't entered any data on the phishing page, there is a risk that your device has been infected with malware. Stay on top of phishing cues to avoid this.
However, if you did click a link or attachment and then determine that maybe it was not the correct action, contact your administrator for assistance. If it’s your personal device, you may need to reset it to factory settings if you cannot directly delete an offending app or program. If you cannot determine when you got the malware on the device, consider whether restoring from a previous backup is the right course of action. In some cases, you may just end up reloading the malware.
If you still cannot remedy the situation, it may require contacting a tech support provider or the device manufacturer.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at advisor@nadicent.com
Opmerkingen