top of page

Email Bombing: What You Need to Know


ree

Email bombing, also known as “subscription bombing,” is when you suddenly get a large number of emails—often hundreds—from various businesses and websites all at once. They’re all confirming things you never initiated, and all of them are addressed to your actual email.


What is an Email Bomb?

An email bomb is created using automated scripts that locate forums, newsletters, and other sites online and enter your email address into them. Because it’s an automated process, a bad actor can have you signed up to hundreds of sites like this in a matter of minutes—and have hundreds of emails on their way to you, all at once. The sheer volume of messages in an email bomb can be dizzying—and that’s the point. Because it’s almost certainly designed to disorient you.


Why You Might Be an Email Bomb Target

When you get an email bomb, there are three not-so-great possibilities as to why it’s happening to you:

  • A Prank

    • The least worrisome reason behind an email bomb is that someone out there hates you and wants to make your life slightly more miserable by giving you an online mess to clean up. It’s the digital equivalent of signing people up for magazine subscriptions, or having unwanted pizzas delivered to their house.

  • Malicious Links

    • Sometimes email bombs are used to trick you into clicking on malicious links buried in the “unsubscribe” portion of the text. You get a bunch of mysterious, unwanted emails from legitimate businesses or sites, so you click the “unsubscribe” without thinking too hard—and your computer is compromised.

  • Distraction

    • This is the most likely—and dangerous—possibility. Someone has compromised a credit card or store account and made some illicit purchases, or made some changes to your accounts they don’t want you to see. So, they seek to bury those confirmations or alerts under hundreds of spam emails.


What to Do if You Are Email Bombed

This is being done more and more to businesses to enter their system. They want users to click a link and enter credentials. The idea is that you use the same or similar password for everything. So, if you start to get an influx of random, subscription type emails, the best thing to do is to let the Help Desk know and, most importantly, do not open them.

bottom of page