Cybersecurity Alert
Duck! Here comes the email bombs
What’s email bombing? Simply put, it’s a form of cyberattack that sends hundreds or thousands of messages to an email address in a single day. Email subscription bombing automatically subscribes victims to dozens or hundreds of electronic mailing lists, each of which sends multiple messages a day until the recipient unsubscribes to each subscription individually.
A small-business owner whose mom is a Press subscriber was bombed with 56,000 emails within three days. The attack has crippled his business because he had to weed out the junk emails manually (the ones the spam filter didn’t catch) from the legitimate ones being sent by real customers.
He thought about just hitting the “delete all” button but then thought better of it. It’s a good thing he checked because he found an email that said “thank you for your recent purchase.” He opened the email and was surprised to find out his business had just purchased a $9,000 drone from Verizon.
Now the true intent of this malicious attack was uncovered. The cybercriminal deliberately disrupts the victim’s network in order to hide the important messages in plain sight. In this case, the small business owner was able to get the purchase reversed and was also able to determine where and to whom the drone was being delivered. He is still sifting through the emails to see what else he might uncover.
Law enforcement was no help with his situation so now he realizes it’s probably best to close the email account and open a new one. But that might come at the price of irritating customers whose inquiries go unanswered.
Prevention is the best defense against this type of attack. Whether you’re an individual or small-business owner or manager, here are some suggestions:
• Use antivirus software, a firewall and a hardware authentication device to reduce the chance of being attacked.
• Check all your online accounts to make sure you haven’t missed a charge or withdrawal hidden among those thousands of emails.
• Report the attack to your service provider. They might be able to stop the attack at the service level.