5 reasons not to unsubscribe from spam

Naked Security has a nice roundup of reasons not to click any unsubscribe links in spam emails:

The first is that by clicking the link you have confirmed to the spammer that the emai address they spammed is valid, which means they can spam you again or sell it on to other spammers as a validated address.

Secondly, by “unsubscribing” you’re effectively telling the spammer that you actually opened their email…and so may be susceptible to more targeted spam later.

Thirdly, if your unsubscribe goes back via email you’re sending all sorts of meta information about your system to them (the kind of thing the NSA and GCHQ spies on us all to get!) including email software, operating system and more.

Fourth, if the unsubscribe link is web based, then you’re leaking even more information to the spammer than you would via email, web browser, cookies, browsing history potentially, IP address and much more. They can also drop a cookie and track you thereafter.

Finally, if it’s a web unsubscribe, what if the page is infected with malware, or worse, deliberately hosts malware, a trojan or other software that might get installed on your computer and essentially give the spammer access to everything?

At best, attempting to unsubscribe from spam is a waste of time, at worst, you could be putting your data and identity at risk of all kinds of nastiness. Don’t ignore the spam: blacklist the spammer’s address as long as it’s not relayed from your own address or a legitimate contact, use your email software’s filters to automatically blacklist emails with spammy keywords and delete them otherwise untouched.

5 things you should know about email unsubscribe links….