there isn't really anything here that you can use security assist for.
the normal method for doing this is called "Double Opt In"
the idea is that when the user signs up, you store the users email address in the database and a random string, this random string is generated when the user record is created, at the same time the UserID is created.
the random string will be unique to each user.
the confirm and unsubscribe links will pass both the UserID and the random string, the recordset on the unsubscribe page will lookup the users account passed on both of these variables to prevent a hacker from guessing at ID's and unsubscribing eerybody.