قالب وردپرس درنا توس
Home / Tips and Tricks / How Email Bombing uses spam to hide an attack

How Email Bombing uses spam to hide an attack



  E-mail spamming attack concept with many messages received at the same time.
Hanss / Shutterstock

If you suddenly receive an endless stream of junk emails and may ask for confirmation of a subscription, you are the victim of email bombing. The culprit is probably trying to hide his true goal, that is, what to do.

What is Email Bombing?

  Boy stressed the handsome businessman working at the desk in the modern office and screaming on the laptop screen and annoyed about email spam. Collage with a mountain of crumpled paper.
Master1305 / Shutterstock

An e-mail bomb attack is an attack on your inbox that sends huge amounts of messages to your address. Sometimes these messages are gibberish, but more often they are confirmation emails for newsletters and subscriptions. In the latter case, the attacker uses a script to search the Internet for forums and newsletters, and then logs in to an account with your email address. Everyone will send you a confirmation e-mail requesting confirmation of your address. This process repeats on any number of unprotected sites that the script can find.

The term "e-mail bomb attack" can also refer to flooding an e-mail server with too many e-mails to overwhelm and shut down the e-mail server. But this is not the case here – it would be a challenge anyway to shut down modern email accounts using Google or Microsoft email servers. Instead of a denial of service (DOS) attack against the email servers you use, the onslaught of news is a distraction to hide the attacker's true intentions.

Why is this happening to you?

An e-mail bomb attack is often a distraction to bury and hide an important e-mail in your inbox. For example, an attacker could gain access to one of their accounts on an online shopping site, such as Amazon, and order expensive products for themselves. The bombardment of emails floods your email inbox with irrelevant emails, causing emails to be spilled for purchase and shipping so you will not notice them.

If you own a domain, the attacker attempts to remove the email address. If an attacker could gain access to your bank account or another financial services account, they might try to conceal confirmation emails for financial transactions as well.

Flooding your inbox diverts the email bomb attack from real harm. Burying all relevant emails about what's going on in a mountain of useless emails. If you stop sending a wave after receiving an email, it may be too late to reverse the damage.

An e-mail bomb can also be used to gain control of your e-mail address. If you have a coveted address-something straightforward with few symbols and a real name-the whole point may be to frustrate you until you give up the address. If you give up the e-mail address, the attacker can take it over and use it for its own purposes.

What to do if you receive an email bomb

If you find the victim of email bombing, the first thing to do is check and lock your accounts. Log in to shopping accounts like Amazon and see if there are any recent orders. If you see an order that you have not placed, contact the purchasing website's customer support immediately.

You may want to go one step further. At Amazon, it is possible to "archive" orders and hide them from the normal order list. A Reddit user discovered an email from Amazon confirming an order for five $ 1,000 of graphics cards buried in a rush of incoming emails. When they canceled the order, they could not find it. The attacker had archived the Amazon order in the hope that it would help to remain undetected.

You can search for archived Amazon orders by going to Amazon's "Your Account" page and clicking "Archived Orders" under "Ordering and Purchasing Preferences." 19659008]  Amazon link your account dialogue with callout order to archived orders.

While checking your purchases, it is advisable to completely remove your payment options. If the offender is still waiting to break into your account and order something, he can not.

After reviewing a site, enter billing information and check your bank and credit card accounts Look for unusual activity. You should also turn to your financial institutions and alert them to the situation. You may be able to block your account and help you find unusual activities. If you own domains, you should contact your domain provider and ask for help to lock the domain so it can not be removed.

If you find that an attacker has obtained access to one of your sites, you should change your domain password on this site. Make sure you use unique passwords for all your important online accounts. A password manager will help you. If you can manage it, you should set up two-factor authentication for each site it offers. This ensures that attackers will not gain access to an account, even if they somehow get the password of that account.

Now that you've backed up your various accounts, it's time to start working on your email. For most e-mail providers, you must first contact your e-mail provider. Unfortunately, contacting Google is incredibly difficult. Google's Contact page does not seem to provide a contact method for most Google users. If you're a paid Google One subscriber or a G Suite subscriber, you can contact Google Support directly. While browsing the many menus, we only found one direct contact method when you missed files in Google Drive.

 Google Drive contacts us for missing or deleted files.

It is doubtful of this support team can help with your problem. If you're on a subscription without Gmail, you'll need to overcome the bombing. You can create filters to clear your inbox. Try to find something common in the emails you receive, and set some filters to move them to spam or trash. However, be careful not to filter emails that you want to see.

If you use Outlook.com, e-mail help is built into the site. Sign in to your email and then click on the question mark in the upper right corner.

 Outlook.com site with question mark arrow

Type the following: "I'm getting email bombed" and click "Get help." You will receive the option "email us". Then follow this option.

 Outlook.com help with hints for help text and e-mail us.

You do not get immediate relief, but hopefully the support will contact you to help you. In the meantime, you want to create rules to filter out the junk you receive.

If you're using another email provider, try contacting them directly to set up filters. Do not delete your account or e-mail address. If you gain control of your e-mail address, this can actually be what the attacker really wants. If you give up your e-mail address, you have a way to achieve that goal.

You can not stop the attack, but you can wait for it

Eventually, you can not stop the attack yourself. If your email provider can not help or not, you have to endure the attack and hope it stops.

Be aware that you may be going on a long journey. While e-mail bombs sometimes break out after a day, they can go on as long as the offender wants or has the resources. It may be a good idea to approach all important people, inform them about what has happened and contact you in some other way. Eventually, your attacker will get what he wants, or you'll find that you've taken the steps to prevent them from succeeding and move on to a simpler goal.


Source link