How many times a week do you get an email advertising a sale or new product, or suggesting you read their new blog or telling you what’s new at their store or company? How often do you actually remember subscribing to that website’s emails?
In a technology based world- stores, brands and companies use email as a common method of marketing to customers. In some cases, being on the receiving side of these platforms, is rewarding. After all, we are all guilty of our excitement rising when we come across an email in our inbox promoting a deal on an essential product, at our favorite store or for a service we are in need of. But more times than not, seeing our inbox filled with junk emails and emails from websites we may not even recognize, is irritating.
If you are like the majority of society, you often find yourself using the “unsubscribe” feature to websites you don’t remember subscribing for, companies you don’t recognize and sites that simply send you too many emails. Unsubscribe gives the user control of what comes into their inbox and gives them a sense of safety to cyber criminals.
But what if I told you that cybercriminals have now developed tactics of using the unsubscribe feature to fool users?
Unfortunately, this is a reality. Cyber criminals are using the once comforting control to trick users. They are sending emails to user’s inboxes the allow them to proactively unsubscribe from websites. Scammers are often posing as fake websites, which gives them leverage because they don’t even have to appear as a company that users have a connection with, which leads to less suspicion than when a user receives a rare email from a company they are in common contact with.
These emails are often entering inboxes with subject line “Confirm Your Unsubscribe Request” with a link to supposedly unsubscribe inside of the email. In a recent article written by KnowBe4, it was explained that this is most commonly being used by scammers to identify if email accounts are alive and active, in order to further insert themselves into users credentials through another attack later on. But as always, any unknown link from a cyber criminal poses a threat of malicious malware to be downloaded onto the device.
You likely hear IT companies or other people in the technical industry commonly telling you to be careful of what email links you click on. These unsubscribe scams are no exception. As cyber criminals continue to find new ways to threaten companies and their security, our defenses and awareness must continually grow as well.
Cyber criminals are frustrating and irritating. We shouldn’t have to worry about these threats. The IT Company is here not only to educate and protect you on the front end, to arm you for recognizing threats, such as the unsubscribe scams, but to be there when something goes wrong. To learn more about implementing Security Awareness Training within your company to protect your business from these malicious cyber criminals, schedule a meeting today.