Email bomb… What is it and what can be done?


email bomb

At the end of 2019, we had a medium size business reach out to us, as one of their executives was the victim of an email bomb. The user’s inbox was suddenly flooded with an endless stream of emails asking for confirmation of subscriptions and newsletters. The user was receiving 2-3 emails every minute which equaled over 4000 emails in a day.

If you’re not familiar with email bombing, here is a quick breakdown

What is an email bomb?

Email Bombing, also known as a “Subscription Bomb”, is a common social engineering scam which consists of an attack on the user’s inbox that involves sending a massive amount of emails to your inbox for subscriptions and newsletters that you have never signed up for. The idea behind this attack is to cover up a larger security breach by flooding you with mass mailing, you miss the one they are trying to hide.

Hackers make use of a botnet or malicious script to sign your particular email address up to subscription websites that don’t require Captcha answers or a two-step process that requires your confirmation. Soon after you start to receive unwanted subscriptions and newsletters and are being flooded with email notifications.

woman receiving spam emails
Botnets are used by hackers to register your target email address on subscription websites that don’t ask for Captcha responses.

The idea is to target the victim with a bombardment of emails for an undetermined length of time, and then go ahead with the true attack which is usually some sort of credit card fraud. This works because the user is overwhelmed and frustrated with the number of emails they are receiving in their inbox. The hackers hope that the email warning you of fraud will be missed amongst the thousands of emails already received.

Don't stress over IT, leave IT to us!

How we can help

Wingman Solutions worked with the client to discover, investigate, remediate, and mitigate the attack within 24 hours. Contact Wingman Solutions to assist with the right network security solutions and align your security preparedness to the latest threats.


How to stop email bomb gmail?

If you are the victim of an email bomb also known as a subscription bomb, it is critical to make sure to check:

  • Credit cards for fraudulent charges
  • Online shopping accounts like Amazon
  • Check your credit score
  • Check for any identity theft
email box message list
Always make sure to check your financial activity if you suspect being a victim of a mail attack.

What are mail bomb attacks?

Mailbombing, also known as mail flooding, is when a single person is subscribed to multiple email subscription services and other mail communications using your email subscription forms and those of other businesses in an effort to make their mailbox unusable.

How long does a spam bomb last?

You might only have to wait a day or two for it to be over. Email bombs can last for however long the culprit wants or has the resources to, however, they usually stop after a day or two if you block their access. It might be a good idea to get in touch with anyone you are expecting a crucial email from, let them know what’s going on, and give them a different way to reach you.

Once they see you’ve taken the necessary precautions to stop them from succeeding, the attacker will either understand they’ve failed or moved on to another victim.

front view of a handheld clock
Email bombings can continue for however long the perpetrator desires or is able to do so.

What is a subscription email bomb?

The main purpose of the bombing is to create a distraction. There will likely be so many emails in your mailbox that you won’t be able to identify the offender, usually, one email informing you that your password has been changed or that there has been fraudulent activity on your account.

This type of attack’s main objective is typically to divert your attention away from another email that the attackers do not want you to view.

What’s the difference between email bombing and spamming?

Email bombing involves sending a massive number of messages to a specific target, with the intent of overwhelming their email system and causing a denial of service. To use up more system and network resources, the messages are frequently large and built from worthless data. The impact of the denial of service could be increased by using multiple email accounts at the target site. Attackers may also exploit out-of-office messages to amplify the effect of an email bomb, as these automatic replies can further clog the recipient’s inbox.

Let’s now review the following definition of spam, according to Malwarebytes:

Spam is any kind of unwanted, unsolicited digital communication that gets sent out in bulk. Often spam is sent via email, but it can also be distributed via text messages, phone calls, or social media.

The answer to this question is: an email bomb is a type of spam attack. The main difference is that whereas email bomb attacks happen only via email, spam can manifest in many forms, for instance, via SMS texts, social media, or even phone calls. Both email bombs and spam can be disruptive and harmful, but email bombs specifically target a single recipient or organization, while spam is typically distributed more broadly.

Can a spam filter offer protection against an email bomb attack?

Yes, spam filters can provide a certain degree of protection against email bomb attacks by detecting and blocking suspicious emails. They work by identifying patterns, such as a high volume of emails from one sender or specific keywords, which helps keep email bomb attacks from infiltrating your inbox. It’s important to remember, though, that a bulk mail filter may not be completely effective in preventing all email bomb attacks since attackers could potentially find ways around them.

To further enhance your security, it’s a good idea to implement additional measures, like two-factor authentication, and to exercise caution when opening links or attachments from unfamiliar sources. This layered approach to security can help reduce the risk of falling victim to email bomb attacks and other cyber threats.

Updated on December 21, 2022.

Like this article? Spread the word

Google Rating
Based on 63 reviews