Unsubscribe email scam: How to protect yourself

Aren’t spam emails the worst? Sometimes they are just an annoyance, but other times they pose a real risk by infecting your device with a virus or stealing personal data. So, if an unwanted email lands in your inbox and you see an “unsubscribe” button, why not click on it?
Unfortunately, some unsubscribe links are fakes that will put you in danger of receiving even more spam… or worse.

by Alyssa Schmitt
Man sitting on steps outdoors looking at laptop
Should you unsubscribe from spam? Only if you are certain that the link is safe.

In 2022, nearly 49 percent of all emails worldwide could be classified as spam. Meanwhile, in the same year around 30 percent of adults encountered phishing scams. In other words, spam can be both a nuisance and a danger. Which is why in the United States – and in many other countries – it is actually illegal to send commercial emails without providing recipients with a way to opt out of receiving them. So, even a newsletter you signed up for will include an “unsubscribe” button or link, usually somewhere near the bottom of the page.

Suppose you open a spam email and see an unsubscribe option. What could be better? Click the button and the spammers will remove you from their mailing list, right? Unfortunately, it is not always that easy.

Some spammers and scammers have found ways to use these links inappropriately for other purposes. Which is why you will sometimes find an unsubscribe link in a dangerous spam message – or should we say, scam message – like a phishing email.

Since cybercriminals know how irresistible it is to click on a button promising us the chance to unsubscribe from spam emails, they sometimes use unsubscribe links and buttons in fake emails to hide a link to a malicious website. Or it could trigger the installation of malware on your device. In other words, there is an unsubscribe email scam that is a form of phishing.

What happens if you click an unsubscribe link from a spam email? 

  • If the email is actually a phishing scam, clicking unsubscribe may start a download that will infect your device with malware, or it may take you to a malicious website.
  • If the email is a sketchy attempt to peddle unsolicited goods or services – e.g., cheap pharmaceuticals, quick loan approval, etc. – clicking the opt-out link may simply prove to the sender that your email address is active. This will prompt the spammer to target you for more spam going forward. Unfortunately, you may have just signed up for more spam, not less.
  • If the email is actually a legitimate commercial email – e.g., a newsletter or special offer from a company you regularly shop from – clicking the unsubscribe link means the sender will remove you from their mailing list and you will not receive this type of message from them again.

Pro tip: Check sender addresses and links in emails

Unsubscribe scams are just one more example of why you should never, ever click a link in an email that comes from an address you don’t know. Since sender addresses and link texts can be faked, it’s always best to double-check the sender address and the links by hovering over them with your mouse on your computer – this will cause the full email address or URL to appear.

On your phone, you can tap the sender's name to reveal the full email address. To check a link, do not tap on it: instead, place your finger on it and hold it down. A menu will open showing the full link as well as options to open it or to preview the page. If it looks fishy, just tap somewhere else on your screen to close the menu.

Still not sure? Check out our explainer: Is this URL safe? How to check if a link you received is dangerous

How to safely unsubscribe from spam emails

If you do not remember subscribing to a newsletter or agreeing to receive emails from a store or brand (sometimes we do this to receive a discount), you should exercise caution in clicking an opt-out link. However, if you are a subscriber and you have verified that the sender address and link in the email are legitimate, you can opt out of spam mails using the unsubscribe link. Also, keep in mind that if you are a registered user of an online store or service, you should be able to opt out of mailings in your account settings. So, for more peace of mind, you can log in and unsubscribe there rather than clicking on any links in an email.

If you are not 100% certain that an email is legitimate, steer clear of the unsubscribe button and instead mark the email as spam. This will automatically send it to your Spam folder and help train your personal spam filter, making it more likely that similar emails from the same sender will go straight to Spam next time. A well-trained spam filter is one of the most effective ways to block spam emails.

Bonus explainer: How to stop email spam

If you are wondering about your other options for recognizing and dealing with spam, why not take a look at our deep dive: Email spam: Why do I get spam messages & how do I get rid of them?

We hope this explainer will help you steer clear of spam emails with fake unsubscribe links! We look forward to your feedback.

Still don’t have a mail.com account? Sign up for free today!

Images: 1&1/Shutterstock

251 people found this article helpful.

Related articles

Ask the expert: How to protect yourself from spam and phishing

The “Hi Mom!” phishing scam: How to recognize and avoid it

Spear phishing: Understanding email attacks