Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.


Thursday, 15 December 2016 09:05

Warning – the latest spam scam is 'unsubscribe'


The latest “seasonal” scam is to link a “payload” to unsubscribe buttons. It starts with a socially engineered phishing campaign sending out copious legitimate-looking newsletters or e-zines, typically on topics relevant to your interests.

Faced with an ever-increasing, bulging, email inbox and a bit of spare time over the holidays you may do the right thing and try and clean up the inbox, junk, and clutter. But cybercriminals are way ahead of you. Please note that this advisory is most relevant to Windows and its built-in mail client or Outlook/Exchange.

The first scam comes when you select the unsubscribe button; Internet Explorer opens (not the later more secure Edge), and you are taken to a fake website that asks you to confirm your email address.

It is seemingly innocuous but it has also confirmed your email address is alive and captured leaked metadata from your browser like your IP address, location, operating system and more.

One of three things can happen. Either a drive-by payload (see infographic at the end of the article) will infect your system, or a pop-up questionnaire/video/message appears that won’t let you exit the screen until you click a button which can install malware, or if you are extremely lucky you actually unsubscribe.

The success of this scam depends on how old your Windows is, whether it and IE have been patched, whether you have anti-virus/malware/spam software installed, and a few more things. But wait, there is more, and that comes from actually “opting out”.

The next trick is that unsubscribing simply confirms your email address is alive – cybercriminals get paid more for “clean” spamming lists, and you have just made them some cash. Most “spam” actually has overly obvious “opt-out” buttons because they want you to tell them you are alive.

The best thing you can do with spam is a) don’t open it and b) mark it as junk, so it goes to a junk folder. But wait there is more.

As your junk folder grows so too does the amount of storage it uses. Spammers are aware of this, so it is in their interests to mercilessly spam you until you are forced to empty your junk and clutter folders.

It is good email hygiene to look at both of the above boxes regularly. I get about 1000 junk/clutter emails a week, so it takes a little time. After you have sorted by subject, moved any wrongly sin-binned emails back to your inbox (and right clicked to unblock them) it is time to delete.

The best way is to press Control-A (select all), and then press the Shift and Delete keys. The Shift key is important as it permanently deletes the emails instead of moving them to Deleted Items, which still chews up storage space. But wait, there is more.

Most spammers have set up receipt tracking. When you press Shift-Delete, you will invariably get a dialogue box asking to send a receipt confirmation. Look for the “No to All” button and press that.

Other good Inbox habits

Most spam includes a tracking mechanism, like a single-pixel transparent GIF file, that phones home if the email is opened. All that does is confirm your address and what type of PC you have, and give valuable metadata to the cybercriminal, including that you have opened it, so they may also make money from displaying advertising.

If you must open a suspect email, first move it to junk, where images and links are disabled or converted to text. If it's not junk, you can move it back to the inbox and all disabled items are restored.
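The signals described above (receipt requests, single-pixel images and unsubscribe links) can be checked in the raw message without rendering it. The following is an added example, not part of the original column: the sample message and every `*.example` name are constructed, and an unsubscribe link on a different domain from the sender is only a heuristic, since legitimate mailing services also use separate domains.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message; every *.example name is a placeholder.
SAMPLE = """\
From: Holiday Deals <news@shop.example>
Disposition-Notification-To: bounce@tracker.example
Content-Type: text/html; charset="utf-8"

<p>Great offers inside!</p>
<img src="http://tracker.example/o.gif?id=abc123" width="1" height="1">
<a href="http://unsub.tracker.example/confirm?id=abc123">Unsubscribe</a>
"""

class LinkScan(HTMLParser):  # collects 1x1 images and "unsubscribe" links
    def __init__(self):
        super().__init__()
        self.pixels, self.unsub, self.href = [], [], None
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "img" and a.get("width") in ("0", "1") and a.get("height") in ("0", "1"):
            self.pixels.append(a.get("src", ""))
        elif tag == "a":
            self.href = a.get("href", "")
    def handle_data(self, data):
        if self.href and "unsubscribe" in data.lower():
            self.unsub.append(self.href)
    def handle_endtag(self, tag):
        if tag == "a":
            self.href = None

def inspect_message(raw):
    """Return findings for one raw message; nothing is fetched or rendered."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    findings = [f"receipt requested: {h}" for h in
                ("Disposition-Notification-To", "Return-Receipt-To") if msg.get(h)]
    scan = LinkScan()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True)
            scan.feed(body.decode(part.get_content_charset() or "utf-8", "replace"))
    findings += [f"tracking pixel: {src}" for src in scan.pixels]
    for href in scan.unsub:
        host = (urlparse(href).hostname or "").lower()
        if host != sender and not host.endswith("." + sender):
            findings.append(f"unsubscribe link off sender domain: {host}")
    return findings
```

Calling `inspect_message(SAMPLE)` returns three findings for the constructed message: the receipt request header, the 1x1 image and the off-domain unsubscribe link.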

Avoid any email from an unknown sender if it has a “paperclip” denoting an attachment – a sure sign that it has a java or macro initiated malware attachment.

Out of Office (OoO) is also a great way to tell spammers that your address is alive. While this is a necessary tool, avoid its use, especially during the holiday season, as it can tell people that you are away and your home may be empty.

Finally, some sage words this Christmas

If your Windows device does something strange, has random pop-ups, stops responding, is slow, or asks to install some software you have not specifically downloaded – don’t panic. Instead, pull the “plug” – switch it off. That will usually stop the spread of malware in its tracks.

If you think you have malware, or if you just want to clean up your device, there are two highly effective things you can do.

First, download the free Wise Disk Cleaner from this link. A small word of caution, decline to install any “free offers” that may pop up during installation.

Run Wise Disk Cleaner in its most aggressive mode – tick all the boxes on the “Common Cleaner” page. It’s a very safe program that I have used for many years, and it will usually find gigabytes of stuff.

Next download the free version of Malwarebytes from this link. It will place a file called mb3-setup.exe in the downloads folder, and all you need to do is find it and open it. Again decline to install any added value software.

It takes some time to run but it will root out any last malware and clean it.

Merry Christmas, happy holidays, and have a wonderful 2017.

[Infographic: web threats]




Ray Shaw


Ray Shaw has had a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!


