New phishing attack uses email subscriptions cancellation. Don’t unsubscribe

We have all received spam emails, whether it is promotions, subscriptions, or simple reminders from the online services we use. The best way to stop receiving them is to open the email and select the “Stop receiving these messages” option, usually included as a link to an external site.

A recent report mentions that threat actors have found a way to abuse this practice, sending phishing emails disguised as subscription alerts, exposing the information of millions of users.

In a world where hackers are a real threat, any link to an unknown website could put people at risk, especially if attackers know what factors to exploit to achieve their objectives, and this new attack variant is a sign of it.

Seemingly legitimate, these emails are sent in bulk to random users. Threat actors fill these messages with undesirable propaganda, causing the user to try to avoid receiving more spam; however, this is a scam to redirect victims to a malicious website where their confidential data, including credit card numbers, will be stolen.

With such information in their hands, malicious hackers will know the best method to rob the victim in question. The attacks do not stop there, as criminals can install malware or tracking programs on compromised devices to fully monitor the victim’s Internet activities.

Fortunately, it is not all bad news. Cybersecurity specialists say that it is really easy to avoid falling into this trap; If you receive a spam message, you can just mark it as spam, so your email platform will block this content automatically, so there will be no need to be redirected to the site operated by the hackers.