Don't Click That Link

We received a request to unblock a web site yesterday. The justification went something like this:

I received an email message containing some inappropriate content. The message said that I had signed up to receive this content, but this must be a mistake. I tried to unsubscribe, but when I clicked the link, the site was blocked. Please unblock the site so I can unsubscribe and stop receiving this inappropriate content in my inbox.

Thankfully, our filter review team denied the request. As soon as you click on the unsubscribe link in a spam message, the sender of the spam knows the following things:

  • virusYour email address is valid.
  • The spam message got through any spam filters in place and was delivered to you.
  • You opened the message.
  • You read the message. At least, you read the part about unsubscribing.
  • You took action based on the content of the message by clicking a link.

These facts make you a much more attractive target for spammers. You just got a big gold star next your name on their list. The liklihood that your email address is going to find its way onto other lists is very high.

But that’s not the worst that could happen. According to the iDeceive blog and OnGuard Online, many of the “unsubscribe” links also try to exploit vulnerabilities on your computer, installing spyware, trojans, or other malware.

Keep your operating systems’s security patches up to date. Make sure you have anti-virus software installed and that it gets updates frequently. Use a firewall to protect your computer from the Internet. And don’t click on links in email.