What Is An Email Bomb?

What Is An Email Bomb

Date First Published: 29th May 2023

Topic: Cybersecurity

Subtopic: Threats To Systems, Data & Information

Article Type: Computer Terms & Definitions

Difficulty: Medium

Difficulty Level: 6/10

Learn more about what an email bomb is in this article.

An email bomb, also known as a mail bomb, is a type of cyberattack where the attacker sends a large number of email messages to one or more email addresses to flood the mailboxes, distract the user's attention from important emails, overwhelm the mail servers so that they become unresponsive as a way of performing a DoS attack, or max out the user's storage limits so that they cannot receive any new email messages.

Once the email bomb is successful, the user will be left with a large number of unwanted email messages that they may have to manually delete. If the email provider does not have an option to select all unwanted messages at once, the email messages will take a long time to delete.

How Is Email Bombing Done?

Email bombing can be done by a single user manually sending hundreds or even thousands of messages to one email address. However, it is often done by an automated bot or script to send messages quickly. Using an automated bot or script to send email messages can allow thousands of messages to be sent per minute.

Email bombs can be done by a botnet, which consists of a group of computers designed to send hundreds or thousands of email messages. The havoc caused by email bombs can also affect everyone else that uses that mail server. This is because when a mail server is unresponsive, it can lead to a decline in network performance and downtime for all users. If no steps are done to filter, mitigate, or block the email bomb attack, the attack can last for several hours or days.

Signs Of An Email Bomb

The signs of an email bomb are:

  • A suspicious flood of email messages coming from a single email address or IP address.
  • An inability for a mail server to respond to requests to send emails or access inboxes for extended periods of time.
  • Odd email message patterns, such as floods of email messages occurring every 30 minutes or at odd hours of the day.

Types Of Email Bomb Attacks

The five main types of email bombs are:

  • Mass mailing - The simplest type of email bomb attack. This attack involves sending a large number of duplicate emails to one or a few email addresses the attacker wants to flood and is often performed as part of a DDoS attack using a botnet under the attacker's control. An example of mass mailing is continuously sending messages by automatically filling out web forms to the target email address. Since these attacks are very simple, they can be easily detected by spam filters.
  • List linking. This attack involves signing up specific email addresses to multiple email list subscriptions. The goal of this attack is to overload the inboxes with subscribed content. The users then have to manually unsubscribe from these unwanted services. Since most subscription services don't require email verification, this is easily possible. Even subscription services with email verification could use the verification emails as an email bomb attack. These attacks are often performed by automated bots and scripts signing up a specific email address for multiple subscription services.
  • Attachment attacks. This attack involves sending a large number of emails with multiple attachments. The attachments are often large in size and designed to quickly max out server storage space.
  • Zip bombing. Also known as a decompression bomb attack, a zip bomb attack involves attackers sending a large compressed file to a target email address. When decompressed, it uses up a large amount of server resources and slows the mail server down. Even though the file compresses into quite a small archive, unpacking the file would require a larger amount of processing power and possibly overwhelm the mail server.
  • Reply to all attacks. Email bombing can also target a large number of email addresses at once instead of a single email address. An example of a method used to do this is the 'reply all' feature. This allows the email message to be sent to all other recipients on the To and CC lines. This can cause all the recipient's inboxes to be flooded with emails. However, reply-all email bombs are often accidentally sent than intentionally. In some cases, automatic replies, like out-of-office messages may not be working properly.

How To Prevent Email Bombs?

Most email providers already take preventative measures against email bomb attacks. Their servers may be able to detect that a large number of messages have been sent from one IP address or email address in a short amount of time and block it from sending any more messages, preventing the email bomb attack from succeeding and rejecting any additional emails from the sender. In addition, nearly all email providers have a file attachment size limit, preventing attachments from quickly maxing out their server storage space.

Below are three steps you can take to prevent email bomb attacks:

  • Avoid publicly posting your email address online. The simplest way to avoid being vulnerable to an email bomb attack and other forms of unwanted emails is by not posting your email address publicly. Spambots often crawl the internet for email addresses and automatically send large numbers of spam emails to lots of addresses at once.
  • Set up email rules to filter spam emails. Most email applications allow you to set up rules to filter spam emails. For example, Gmail has an option to 'Filter messages like this'. Gmail will then write a form with the most appropriate filtering criteria and once you create the filter, email messages that meet the criteria (e.g. contain those specific words) will automatically be moved to the junk email folder or deleted.
  • Implement CAPTCHAs. If you have a web form that allows users to subscribe to a newsletter or send you email messages, you should consider implementing a CAPTCHA so that automated bots and scripts cannot sign email addresses up or send you large amounts of unwanted emails.


Feedback

  • Is there anything that you disagree with on this page?
  • Are there any spelling, grammatical, or punctuation errors on this page?
  • Are there any broken links or design errors on this page?

If so, it is important that you tell me as soon as possible on this page.


Comments