NBC Chicago's Lisa Parker offers this first-person cautionary tale about why you shouldn't use the "unsubscribe" link often included in Spam email.
By the looks of my inbox, I must be in need of a cheap doggy harness, free cigars, printer ink and millionaire sugar daddy to marry. After years of a spam-free inbox, something changed in the last few months. Somehow, a spammer got my email. Then he told two friends, they told two friends, and so on, and …well, there goes the inbox.
My instinct to click on that little appealing ‘UNSUBSCRIBE” feature at the bottom of all the junk emails is apparently the last thing I should do.
"Don't unsubscribe...Never ever, " said Steve Filipiak.
He should know. He did it and now regrets it.
A few years ago, Filipiak said he would have 100 junk emails in his inbox by lunchtime. He got so sick of it, he decided to unsubscribe, and loaded as his name two words we really can’t repeat in this column.
"I was so frustrated that for the first name I put [expletive] and the second name I put "You," he recalled.
So was he unsubscribed? Quite the opposite.
"And the next day I got email, Dear [Expletive] You."
When that part of Filipiaks’ story was published in a Wall Street Journal article, he says the spammers not only found him, they buried him.
Local
"Oh thousands! Yeah, they were just coming in. You could watch them pop in one after the other," he said.
For this report, we interviewed an expert who knows all about the guys on the other side of the spam emails. Marc Maiffret is a former hacker who was once profiled on reality TV for his years as a teenage hacker. These days he works for the other side as a security consultant, and tells his clients never to click unsubscribe if they do not know the sender.
"It’s the wrong instinct cause of what ends up happening," Maiffret said. "As soon as you hit unsubscribe, you're essentially saying x, y, z email address that had received it ... is active, there's actually somebody there."
Before you answer, in most cases the spammers are just guessing at email addresses. Fill out the ‘unsubscribe” line, and the guesswork is over: they know they have a live one.
Worse, said Maiffret:
"In reality, that's usually an indicator to increase the level of things they send to you. We even see when you click unsubscribe, it'll take you to a website and the website will actually try and attack against your computer," he explained.
Spam filters often don’t work because the spammers have figured out ways around them.
For example, in some cases much of the advertisement itself is in one large image. That makes it harder for a spam filter to process. We also saw examples of long passages of text hidden under a white screen, legitimate words you might see in an email that designed to pass a spam filter.
All of this is a predatory twist to the "unsubscribe" feature that was supposed to help consumers. The federal CAN SPAM Act mandates marketers offer a way out of unwanted emails. A law legitimate companies take seriously, but not the fly-by-nighters.
"Don't hit unsubscribe if you don't know who it's from," advised Chicago-Kent Law Dean Harold Krent, a privacy expert. "[The spammers] don't know there's an active being behind that email until you respond in some fashion. Once you do, it's ripe for the selling."
By trying to get off the lists, we unsubscribers just get in deeper.
.
"I learned my lesson," said Filipiak. "Clicking unsubscribe just ratcheted up another notch."
Filipiak had to change his email address, as this reporter will also have to do. For this article, I clicked "unsubscribe" on two weeks’ worth of spams; more than 125 times. My daily spam average is on the rise, with no signs of slowing down.
With spam accounting for an estimated 80 percent of all email traffic in the United States, the spammers don’t appear to be slowing down, either. The best option, experts said, is to choose the "Mark as Junk" option provided by some email providers.
If that’s not an option, just hit "delete" and move on.
