Question: Sometimes when I try to unsubscribe from a company’s e-mails, it asks for the e-mail address that I am trying to unsubscribe. Doesn’t the company’s system know my e-mail address, since I am using it to go through their unsubscribe process?
– Spouse Peripheral
Bluewater Bay, Florida
Answer: The answer to this question is going to be different depending on whether you’re dealing with messages that are typical SPAM, or messages that come from a retailer or perhaps a mailing list to which you knowingly subscribed. The presence of an unsubscribe link in an e-mail means that there is the potential for the company to be able to identify you from the link, but that pre-supposes that A) the e-mail is legitimately from who it claims to be from, and B) the company has the technology in place to perform that task.
The function that you suggest involves associating individual customer accounts with a link in an e-mail message that is very likely part of a mass e-mail campaign. Big online retailers might have many thousands of customers, and so generate thousands of e-mails. The overhead of creating and tracking a unique link for each customer is extra cost that they just might not want to deal with. That’s only one possibility, as it is impossible to apply a single “rule” to every retailer that might send out marketing e-mails. Suffice it to say that a retailer with a significant online presence might have a business plan that includes cultivating online relationships with their customers, and so might have an investment in exactly the kind of infrastructure that is required to do what we’ve been discussing. Or not.
On the other hand, purveyors of SPAM have no such agenda. They largely deal in information gathering. In fact, some SPAM might look like it came from the type of legitimate retailer or mailing list mentioned earlier. Clicking an “Unsubscribe” link might cause it to ask for your account information for no other reason than to force you to type it in so they can steal your account credentials. This practice is known as phishing. Phishing is a very common form of information thievery that is often an early step in the process of full-on identity theft. Some spammers are very good at what they do, and they control multiple sites that can look and feel exactly like a company’s legitimate site. A careful examination of the URL is the key to being sure what site you’re actually on before you give out your (hopefully secret) account information.
Spammers are often interested in simply verifying that a given e-mail address exists, is legitimate, and has a human being on the other end, reading messages that are sent to it. Lists of e-mail addresses are traded as commodities on the dark web, and the value of an address that has been proven to be recently active is far greater than one that is old, stale, or no longer in use. For this very reason, it is usually a bad idea to reply to, click links in, or sometimes even to open SPAM e-mails. Interacting with them in any manner confirms to the sender that you are currently actively using that address, and the likelihood of it being re-sold to other spammers increases exponentially.
The rules for handling SPAM are simple. In addition to what I mentioned earlier about not replying to or clicking links in SPAM, other best practices include letting it go into your SPAM folder, and simply deleting it as the garbage that it truly is. Also, don’t bother to try and block the addresses that send you SPAM. The chances are that it’s a throw-away address that the spammer acquired for the sole purpose of sending out one batch of SPAM, of which this e-mail is a part. He will likely never use it again, so blocking senders only serves to build up a large list of e-mail addresses that your e-mail reader must search through each time it processes a message.
To view additional content, comment on articles, or submit a question of your own, visit my website at ItsGeekToMe.co (not .com!)