…not sure that anything can be done about this, but I welcome suggestions.
Basically, we have discovered that “third-party systems” (most likely spambots) have basically “hijacked” (copied) the text from the legitimate subscription email confirmations, only with the legitimate phpList verify link replaced under-the-hood with a nefarious link.
(So, people think that they were subscribed to the list and click the link to confirm/unconfirm/whatever, and are phished instead.)
Is there anything that we can do to help reduce that? I don’t think that there is, but figured I’d post here in case anyone has any tips/tricks for dealing with this sort of thing…
In a related note, is it possible to limit the number of legitimate subscription requests and/or purge the “unconfirmed” users (if that’s recommended)?