The tale this week of a subscription scam may seem, at first, to be no biggie. But… there is a thing called the ‘subscription economy’, because we all subscribe to many, many online things: from news sites to streaming media to food boxes to shaving goods.
So many online sites now have a ‘subscribe’ box to get your consent so the company can lawfully (under GDPR) send out information on products. If you are like me, you will have signed up for so many that you lose count of who and what you have subscribed to. We then often unsubscribe to manage the many online subscriptions we take on.
It is this exact weakness that this week’s scam is exploiting. Welcome to the world of email harvesting…
The Unsubscribe Scam
The email that arrived in our inbox this week looked pretty innocuous. It was entitled:
“myname Confirm your unsubscribe request”
The body of the email was straightforward. It told me I had requested an unsubscribe from a ‘dating mailing list’. Below this were two boxes with links to let me either confirm the unsubscribe or continue my subscription.
My name, in the title of the email, was taken directly from my actual email address, e.g. firstname.lastname@example.org became:
johnsmith Confirm your unsubscribe request
It looks convincing, but it is easy to extract a name from an email address and place it in an email title – do not be fooled.
What Happens if You Click the Link?
The links in both boxes, when clicked, create a new email message. The new message is pre-populated with five email addresses, each going to a different account; two of them, for example, were email@example.com and firstname.lastname@example.org
Unlike some traditional phishing emails, the links do not take you to a spoof site.
Unlike some traditional phishing emails, there was no infected attachment in the email.
So, why was this a scam email?
Email Harvesting – The Long Game
Fraudsters sometimes play the long game. This week’s scam is all about harvesting live email addresses. If you click either ‘unsubscribe’ or ‘continue my subscription’ and then send the new message that is created, you will start the scam process.
Once the scammers receive a reply from the fraudulent email, they know that there is a real person at the other end. They also know that this person is more likely to click a phishing link in subsequent traditional phishing campaigns.
This type of scam email is particularly dangerous because it can go under the radar. Email harvest scams do not follow the typical phishing profile. Instead, they are like scouts, checking out the lay of the land to increase the chance of a subsequent phishing campaign being successful.
If you receive an email similar to this, and clicking a link opens a new email showing several email addresses, do not send it.
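One defender-side check the mechanism above suggests, as an added example that is not from the original post: parse an HTML message body for mailto: links and flag any that would pre-populate a message to several mailboxes at once. The sample body and the harvest.example addresses below are constructed; the post redacted the real ones.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qs, unquote


class MailtoCollector(HTMLParser):
    """Collects every <a href="mailto:..."> target from an HTML body."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "a":
            return
        for name, value in attrs:  # attribute values arrive already HTML-unescaped
            if name.lower() == "href" and value and value.lower().startswith("mailto:"):
                self.hrefs.append(value)


def mailto_recipients(href):
    """Return the set of addresses a mailto: link would pre-fill (To, Cc and Bcc)."""
    parts = urlsplit(href)  # path holds the To list, query holds to=/cc=/bcc=
    raw = [parts.path]
    params = parse_qs(parts.query)
    for key in ("to", "cc", "bcc"):
        raw.extend(params.get(key, []))
    addrs = set()
    for chunk in raw:
        for addr in unquote(chunk).split(","):
            addr = addr.strip().lower()
            if "@" in addr:
                addrs.add(addr)
    return addrs


def suspicious_mailto_links(html, threshold=3):
    """Return (href, sorted recipients) for each mailto: link aimed at `threshold` or more mailboxes."""
    collector = MailtoCollector()
    collector.feed(html)
    hits = []
    for href in collector.hrefs:
        recipients = mailto_recipients(href)
        if len(recipients) >= threshold:
            hits.append((href, sorted(recipients)))
    return hits


# Constructed sample modelled on the scam described above (addresses are made up).
SAMPLE_BODY = (
    '<p>johnsmith Confirm your unsubscribe request</p>'
    '<a href="mailto:h1@harvest.example?cc=h2@harvest.example,h3@harvest.example'
    '&amp;bcc=h4@harvest.example,h5@harvest.example">Confirm unsubscribe</a>'
    '<a href="mailto:h1@harvest.example">Continue my subscription</a>'
)

if __name__ == "__main__":
    for href, recipients in suspicious_mailto_links(SAMPLE_BODY):
        print(f"{len(recipients)} recipients in one mailto link: {', '.join(recipients)}")
```

A legitimate unsubscribe link normally addresses one mailbox, so a threshold of three catches the pattern in the post without flagging ordinary mail-merge links.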
Why not help your colleagues stay safe by sending them this little reminder? Feel free to edit or copy/paste the advice below:
The Unsubscribe Scam
A scam is doing the rounds that asks you to confirm an unsubscribe from a service/mailing list. It asks you to click either to unsubscribe or to continue your subscription.
DO NOT CLICK ANY LINKS IN THIS EMAIL
If you do click a link, a new email will be created showing several email addresses in the recipient box. If you send this email, it will show the fraudsters that your email address is live. Your email address will then be used in subsequent scams.
Don’t forget to share this with your colleagues and friends and help them stay safe.