Unsubscribe link from their emails takes you to this. You then to need to sign in with email and password (I don't know my password) to manage preference. I just want all out!
Some spam probably does this, some probably does not. As mentioned, tracker pixels can also confirm, but either way if the message was delivered to your inbox with no bounceback, even without opening it the sender can infer it is active.
That said, a "legit" company domain like StubHub should be safe to click on (as long as you are careful it's not a spoofed domain) and unsubscribe.
In EU at least they're required by law to have working unsubscribe links that actually unsubscribe you, otherwise they risk getting huge fines, i understand that in California things are not too far from this but no idea about the details
This is the case across the whole US, as part of some legislation called the "CAN-SPAM act". I think the person you're replying to is talking about fake unsubscribe links in malicious emails.