---
title: "Humanitarian Cyber Surge, Unsubscribe Scam Alert, SEO Boosts Phishing | DMARC Report"
description: "Humanitarian Cyber Surge, Unsubscribe Scam Alert, SEO Boosts Phishing from DMARC Report explains practical steps for email authentication, domain protection."
image: "https://dmarcreport.com/og/blog/humanitarian-cyber-surge-unsubscribe-scam-alert-seo-boosts-phishing.png"
canonical: "https://dmarcreport.com/blog/humanitarian-cyber-surge-unsubscribe-scam-alert-seo-boosts-phishing/"
---
Quick Answer
\_According to the FBI's 2022 Internet Crime Report (IC3), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report Humanitarian Cyber Surge, Unsubscribe Scam Alert, SEO Boosts Phishing
Related: [Free DMARC Checker](/tools/dmarc-checker/) ·[How to Create an SPF Record](/tools/spf-record-generator/) ·[SPF Record Format](/blog/spf-format-checker-dos-and-donts-for-email-authentication/)
Share
[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fhumanitarian-cyber-surge-unsubscribe-scam-alert-seo-boosts-phishing%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Humanitarian%20Cyber%20Surge%2C%20Unsubscribe%20Scam%20Alert%2C%20SEO%20Boosts%20Phishing&url=undefined%2Fblog%2Fhumanitarian-cyber-surge-unsubscribe-scam-alert-seo-boosts-phishing%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fhumanitarian-cyber-surge-unsubscribe-scam-alert-seo-boosts-phishing%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fhumanitarian-cyber-surge-unsubscribe-scam-alert-seo-boosts-phishing%2F&title=Humanitarian%20Cyber%20Surge%2C%20Unsubscribe%20Scam%20Alert%2C%20SEO%20Boosts%20Phishing "Share on Reddit") [ ](mailto:?subject=Humanitarian%20Cyber%20Surge%2C%20Unsubscribe%20Scam%20Alert%2C%20SEO%20Boosts%20Phishing&body=Check out this article: undefined%2Fblog%2Fhumanitarian-cyber-surge-unsubscribe-scam-alert-seo-boosts-phishing%2F "Share via Email")
> Domain spoofing is trivially easy without DMARC enforcement, says Brad Slavin, General Manager of DuoCircle. Anyone can send email that looks like it comes from your domain. DMARC with p=reject is the only way to tell receiving servers to block unauthorized senders completely.
\_According to the [FBI’s 2022 Internet Crime Report (IC3)](https://www.ic3.gov/Media/PDF/AnnualReport/2022IC3Report.pdf), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report
Humanitarian Cyber Surge, Unsubscribe Scam Alert, SEO Boosts Phishing
```
```
/
```
```
RSS Feed
```
Share
Link
Embed
```
/\*! This file is auto-generated \*/ ’ title=“Embed Code” class=“input-embed input-embed-28732” readonly/>
```
```
Hey people! We are three weeks down in June, just like that! With that, we bring to you the third bulletin of the month. Are you excited to \*\*stay up-to-date about the latest cyber incidents happening around the globe? If yes, here’s the good news. We are back with our fresh dose of global cyber facts. This week, we will talk about how cybercrooks are using SEO tactics to push phishing pages high up the search results. Also, our focus will be on the new Gmail scam. Lastly, we will discuss the steep rise in the incidents of [cyberattacks](https://www.voanews.com/a/rubio-pledges-us-support-for-costa-rica-s-fight-against-cyberattacks-drug-trafficking-/7963015.html) on humanitarian organizations.
So, if you are all set to dive deeper, **let’s get started**!
## Global humanitarian organizations see a steep rise in cyber incidents!
There has been a massive [241%](https://www.darkreading.com/cyberattacks-data-breaches/attacks-humanitarian-orgs-jump-worldwide) spike in the number of cyberattacks on \*\*humanitarian organizations worldwide in just 12 months. [Distributed Denial of Service](https://www.infosecurity-magazine.com/news/us-ddos-attack-guidance-public/) or DDoS is the most dominant form of attacks. _CyberPeace Institute, an entity that gathers data and information around cyber conflicts, shared that opportunistic attacks are becoming the new normal for nonprofit enterprises_.
Since nonprofit organizations operate on a low budget, it is difficult for them to set up high-end cybersecurity systems . Only [15% ](https://www.darkreading.com/cyberattacks-data-breaches/attacks-humanitarian-orgs-jump-worldwide)of all global humanitarian organizations have a cybersecurity expert on board. Journalism entities, **social welfare organizations**, environmental and humanitarian entities are being attacked left, right, and center by [thre](https://www.cybersecuritydive.com/news/microsoft-crowdstrike-other-cyber-firms-collaborate-on-threat-actor-taxon/749614/)[a](https://www.cybersecuritydive.com/news/microsoft-crowdstrike-other-cyber-firms-collaborate-on-threat-actor-taxon/749614/)[t actors](https://www.cybersecuritydive.com/news/microsoft-crowdstrike-other-cyber-firms-collaborate-on-threat-actor-taxon/749614/).
Nonprofit organizations are not only ‘cyber poor’ but also the prime targets of repressive government regimes, political hacktivists and [foreign adversaries](https://en.wikipedia.org/wiki/United%5FStates%5Fforeign%5Fadversaries).
\*\*Journalism organizations are the worst hit among all the nonprofit entities in the last month. What’s worse is that cyberattacks are getting more sophisticated with every attempt. Cybercrooks are even using deepfakes to wipe away [sensitive data](https://www.jpost.com/american-politics/article-850883).
The only way out is to have a solid [cybersecurity](https://dmarcreport.com/blog/how-to-educate-or-train-employees-on-cybersecurity/) mechanism in place to combat the increasing number of cyber incidents. Cybersecurity systems use [DMARC](https://dmarcreport.com/), [DKIM](https://dmarcreport.com/what-is-dkim/), and [SPF](https://autospf.com/blog/spf-guide-understanding-sender-policy-framework/) protocols to authenticate emails, **prevent spoofing**, and protect against phishing attacks.
## You may want to think twice before hitting that ‘Unsubscribe’ button- New scam alert!
Phishing attacks are on the rise in Gmail as well as other email systems. Cybercrooks are using malicious ‘Unsubscribe’ links to carry out [phishing attacks](https://thehackernews.com/2024/09/cybercriminals-exploit-http-headers-for.html) and information theft. Clicking on these fraudulent links will redirect users to fake pages and phishing sites, potentially compromising personal details.
Threat actors have discovered a new scam in which they add tracking codes to [unsubscribe buttons](https://www.news18.com/tech/be-careful-about-the-unsubscribe-gmail-scam-what-is-it-and-why-it-can-be-dangerous-9393026.html) in emails. These tracking codes enable cybercrooks to determine whether or not the account is active. They then sell out the active email IDs in dark forums at premium pricing. The CTO at DNSFilter claims that \*\*1 out of 644 unsubscribe buttons is likely to contain tracking code, and it can successfully redirect unaware users to phishing sites.
_The best way to prevent being scammed through a malicious unsubscribe link is to use the ‘in-app unsubscribe’ feature that you get with Outlook or Gmail_.
## Cyberattackers are using search engine optimization to rank the phishing pages high in SERPs!
If you think [search engine optimization](https://www.optimizely.com/optimization-glossary/search-engine-optimization/) or SEO is just meant for \*\*boosting traffic to your website, you need to know this: Threat actors have started using SEO to push phishing pages up the search engine results. Researchers have found that threat actors are using [code-injected web pages](https://www.securityweek.com/millions-of-user-records-stolen-from-65-websites-via-sql-injection-attacks/) in order to manipulate the search engines so that the algorithm pushes the compromised content and redirects the users to phishing sites.
Andrew Sebborn , an analyst at Netcraft, believes that cyberattackers inject legitimate web pages with embedded [JavaScript](https://www.geeksforgeeks.org/javascript/javascript-tutorial/) and URL keywords that can redirect unaware users to malicious pages. The injected content tends to be subtle and can easily evade detection. It easily manipulates **Google’s PageRank system**. _Threat actors often choose sites with high DA value, such as .gov, .edu, and Country Code TLDs_. Google assumes that such domains are of great relevance and prioritizes these pages in search engine page results.
The Netcraft researchers have found out that SEO optimization services for carrying out [malicious activities](https://www.reuters.com/technology/artificial-intelligence/openai-removes-users-china-north-korea-suspected-malicious-activities-2025-02-21/) are being offered for as little as **$1 per site**. Apart from injecting legitimate pages, these SEO services also include adding selected phrases and keywords to the pages in order to generate search engine traffic and get visibility high up in the search results.
The ultimate goal of the [cybercrooks](https://www.enr.com/articles/59598-when-cyber-crooks-steal-payments-think-insurance-makes-up-the-loss-think-again) is to keep the users unaware of the attack and convince them that they are being directed to a legitimate search results page. Such attacks are designed to harvest personal and sensitive data from users, including [login credentials](https://hackread.com/hackers-fake-microsoft-adfs-login-pages-steal-credentials/), bank account numbers, credit card details, and more.
Cyberawareness is, therefore, no longer a luxury but a necessity in today’s time. Next time you proceed to click on a top-ranking search result , make sure you take a close look at the **URL and meta description**. If there’s any anomaly or irregularity, simply [avoid clicking on the link](https://www.cbs8.com/article/news/verify/scams-verify/3-ways-to-avoid-clicking-on-malicious-links-fact-check/536-db6453b2-ef13-4e86-9193-9da36cb62b57).
## Topics
[ dkim ](/tags/dkim/)[ DMARC ](/tags/dmarc/)[ News ](/tags/news/)[ SPF ](/tags/spf/)
[ Vasile Diaconu ](/authors/vasile-diaconu/)
Operations Lead
Operations Lead at DuoCircle. Runs project management, developer coordination, and technical support execution for DMARC Report.
[LinkedIn Profile →](https://www.linkedin.com/in/vasile-diaconu/)
## Take control of your DMARC reports
Turn raw XML into actionable dashboards. Start free - no credit card required.
[Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/)
## Related Articles
[ Foundational 4m Adidas Data Breach, Whatsapp Image Threat, Silent Ransom Vishing May 29, 2025 ](/blog/adidas-data-breach-whatsapp-image-threat-silent-ransom-vishing/)[ Foundational 4m Africa Fights Cybercrime, Attention Farmers Customers, Apple Prevents Threats Aug 28, 2025 ](/blog/africa-fights-cybercrime-attention-farmers-customers-apple-prevents-threats/)[ Foundational 4m AI Scam Alert, Federal Cuts Vulnerability, American Tire Cyberattack Sep 9, 2025 ](/blog/ai-scam-alert-federal-cuts-vulnerability-american-tire-cyberattack/)[ Foundational 4m Akira flaunts victims, Idaho targets orthodontist, AI granny protects Nov 22, 2024 ](/blog/akira-flaunts-victims-idaho-targets-orthodontist-ai-granny-protects/)
```json
{"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]}
```
```json
{"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```
```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Humanitarian Cyber Surge, Unsubscribe Scam Alert, SEO Boosts Phishing","description":"Humanitarian Cyber Surge, Unsubscribe Scam Alert, SEO Boosts Phishing from DMARC Report explains practical steps for email authentication, domain protection.","url":"https://dmarcreport.com/blog/humanitarian-cyber-surge-unsubscribe-scam-alert-seo-boosts-phishing/","datePublished":"2025-06-19T11:04:28.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2025-06-19T11:04:28.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/vasile-diaconu/#person","name":"Vasile Diaconu","url":"https://dmarcreport.com/authors/vasile-diaconu/","jobTitle":"Operations Lead","description":"Vasile Diaconu is the Operations Lead at DuoCircle, the company behind DMARC Report and AutoSPF. He coordinates between engineering, product, and technical support - running project management, interfacing with developers on customer-reported issues, and making sure work that comes in through the support channel actually gets closed out. Vasile sits at the intersection of customer feedback and engineering execution, giving him a direct view of which email authentication problems customers hit most often in production.","image":"https://media.mailhop.org/dmarcreport/images/team/vasile-diaconu.jpg","knowsAbout":["SaaS Operations","Technical Support Coordination","Customer Issue Resolution","Engineering Program Management","Deployment Operations"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/vasile-diaconu/"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/humanitarian-cyber-surge-unsubscribe-scam-alert-seo-boosts-phishing/"},"articleSection":"foundational","keywords":"dkim, DMARC, News, SPF","wordCount":1145,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"Humanitarian Cyber Surge, Unsubscribe Scam Alert, SEO Boosts Phishing","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}]
```
```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"Humanitarian Cyber Surge, Unsubscribe Scam Alert, SEO Boosts Phishing","item":"https://dmarcreport.com/blog/humanitarian-cyber-surge-unsubscribe-scam-alert-seo-boosts-phishing/"}]}
```