Part 2 of the Mailbombing Cybersecurity month series.

In today’s digitally connected world, our email accounts are not just communication tools but repositories of personal and professional information. Unfortunately, with the rise of online threats, email security has become paramount. One such threat, mailbombing (aka: email list bombing), poses a significant risk to both individuals and organizations. In this article, we will delve into what email list bombing is, the dangers it presents, and provide comprehensive recommendations on how to shield yourself from this menacing attacker.

Understanding mailbombing

Mailbombing, also known as subscription bombing or email list bombing, is a malicious technique orchestrated by cybercriminals to flood your inbox with a deluge of unwanted subscription confirmation emails. The objective is not to compromise your email account but to disrupt your digital life and sow chaos. Perpetrators utilize automated scripts or bots to sign up your email address for numerous online services and newsletters without your consent, effectively inundating your inbox.

The Dangers of Mailbombing

  • Overwhelmed Inbox: The primary consequence of email list bombing is the inundation of your inbox with a torrent of subscription confirmation emails. This deluge can make accessing legitimate messages nearly impossible, causing severe disruptions to your daily routine and productivity.
  • Privacy Invasion: Some of the subscription confirmation emails may contain personal information or be linked to online services that you never intended to use. This poses a significant privacy risk, as your data may be shared with third parties without your consent.
  • Resource Drain: Email list bombing consumes valuable server resources, leading to increased operational costs for email service providers. This can result in slower email performance and potentially increased costs for users as well.

Protecting Yourself from Mailbombing

As a consumer there isn’t much you can proactively do to prevent list bombing, as you’ll probably be surprised to be on the receiving end of so much email. However there are several things you can do if you become the target of such activity.

  • Create Email Rules:
    • Identify Repeating Words: To mitigate the impact of email list bombing, examine your inbox for recurring phrases such as “Confirm your subscription” or “Welcome to [list].” Create rules within your email client to automatically delete or move emails containing these phrases to a designated folder and out of your inbox.
  • Watch for Security-Related Emails:
    • Monitor Account Activity: Be vigilant for any emails related to password changes or unauthorized account logins. If you receive such messages without initiating these actions, it could be indicative of a security breach. Take immediate action to secure your account, including changing your password.
  • Implement Two-Factor Authentication (2FA):
    • Strengthen Security: Wherever possible, enable 2FA for your email account, especially for high-value accounts such as those linked to your banking and social media. 2FA adds an extra layer of security, making it significantly more challenging for attackers to gain unauthorized access.
  • Change Your Email Password:
    •  Take Swift Action: In case of suspected email list bombing or a security breach, promptly change your email account password. Consider doing this from a different computer or device than your usual one to reduce the risk of potential key-loggers or malware.
  • Run Malware and Virus Scans:
    • Regular Vigilance: Conduct regular malware and virus scans on your computer to ensure it remains free from malicious software that may compromise your email security. Keep your operating system and security software up-to-date as well.
  • Unsubscribe and Password Changes:
    • Review Subscriptions: Following an email list bombing attack, be prepared to unsubscribe from multiple lists by meticulously reviewing your inbox. Identify which subscriptions you wish to retain and unsubscribe from those that are unwanted.
    • Change Passwords: Change your email account password, and consider doing the same for other accounts, especially if you use similar passwords across multiple services. Implement strong, unique passwords, and enable 2FA wherever feasible to enhance account security.
  • Get a New Email:
    • If you’re account truly becomes unusable your last option might be to migrate to a new email account.

Mailbombing can disrupt your digital life and compromise your privacy. By following the recommendations outlined in this article, you can proactively protect yourself from mailbombing and other email-based threats. Always remain vigilant, stay informed about email security best practices, and regularly review and update your security measures to fortify your digital defences. Your online security is paramount, so take the necessary steps to ensure your email inbox remains a secure and manageable gateway to your digital world.