Hint for Emails

[IceFM]

...... Daria Shcherbak , TSN, 19.06.2025

The unsubscribe button can be dangerous: How to avoid falling into the fraudsters' trap

Your email may become a target for hackers if you click the unsubscribe button in a suspicious email.

To receive "clean" emails, many internet users click the "unsubscribe" button in advertisements or newsletters every day. But as it turns out, this not only doesn't protect against spam, but also poses a serious threat to personal security and data.

This was reported by the Wall Street Journal, citing data from the company DNSFilter.

Every 644th click of the "unsubscribe" button in emails leads to potentially dangerous websites. Some of these may contain malware, others collect data, or mislead users by mimicking familiar user interfaces.

At first glance, this may seem like a simple way to clear your inbox. However, according to Michael Barguri, CTO of Zenity, such actions often confirm to hackers that the email address is active and belongs to a real person. This can later make the user a target for targeted attacks, ranging from extortion to the collection of personal data.

"Trust on the internet is relative. I trust my email client, but not the content of the email," explains TK Keanini, CTO of DNSFilter.

Opt-out phishing attacks aren't just about collecting email addresses. According to Charles Henderson, vice president of cybersecurity at Coalfire, some attackers create entire "dossiers" on users. If a victim enters personal information—especially passwords—on a phishing page, this opens the door for further account hacking or extortion.

A typical warning sign is when the website to which the "Logout" button redirects asks for a password or other information. In this case, experts recommend closing the page and not entering any further information.

How to protect yourself:

Don't click on links in emails from unknown senders. If in doubt, delete the email or mark it as spam.

Use List-Unsubscribe Headers. These built-in tools are placed in email headers and supported by most email services (including Gmail and Outlook). They are much more secure than text hyperlinks within the email.

Set up email filters. If a sender regularly sends unwanted emails, create a rule that automatically moves them to your spam folder.

Change passwords regularly and use two-factor authentication.

Use reliable antivirus and web protection filters.

What should you do if you have already clicked and suspect fraud?

Immediately change the passwords of all accounts linked to email.

Use an antivirus scan.

Contact your email service support.

Take a screenshot of the suspicious email and report it to your cybersecurity service or law enforcement authorities.

In today's digital world, even a simple click of the "Logout" button can pose a threat. In the age of phishing, hacking, and massive data breaches, extra caution is required. Cyber ​​hygiene is no longer a luxury, but a necessity.

We would like to remind you that we previously wrote that Google is implementing a new security feature in Android that involves automatically restarting the device if it has not been unlocked for three days in a row.

After such a reboot, the user must enter a PIN or password to access the device. This feature works on smartphones and tablets, but does not affect Android smartwatches and TVs.