How to react to a Spam Subscription attack

If you suddenly start receiving an endless stream of junk email, perhaps asking for confirmation of a subscription, you’re the victim of a Spam Subscription attack, or email bombing.

The most profitable reason behind those attacks is for hackers to bury emails from institutions like Banks, PayPal, Amazon or other sites so that you won't notice unauthorized withdrawals or purchases.

These attacks are really hard to defend against because the attacker uses automated "bots" that are capable of subscribing an email address to multiple email lists in a matter of seconds.

Fortunately these attacks are sporadic and do not last.

It is scary to see your Inbox flooded by those un-initiated subscription confirmations, but the good thing is most mailing lists require you do confirm your email address nowadays so you should not be actually subscribed to anything if you do not click to confirm your email address.
I would not click on the provided Unsubscribe links either in case they are a scam - they will just confirm the hacker has a "live" email address).

Here are some things you can do:

Create Custom Filters

The initial confirmation emails that most mailing lists send upon
subscribing can still create a pretty big mail bomb ans is scary.

One way to at least reduce these emails would be to set up some custom
filters that stores emails that contain the word "confirm" "confirmation"
or "subscription" in a separate folder you would create so they won't
clutter your Inbox.

For example, in HIS Zimbra webmail: https://webmail.his.com

  • Login to your account.
  • Create the extra folder, for example: Notifications, or Subscriptions.
  • Create Rules in Preferences->Filters
    for messagesSubject line containing "confirm" "confirmation" or
    "subscription" to be moved to the new folder.
  • Remember to check the folder for legitimate notifications.

If you are not using Zimbra webmail, please refer to your own email application's Help to find out how to do that.
In some they are named filters in others rules.

Change Your Online Accounts Passwords

Scan those notifications to see if there is one from one of YOUR REAL online accounts: There have been reports that hackers use such subscription attacks to bury emails from institutions like Banks, PayPal, Amazon or online stores sites so that you won't notice unauthorized withdrawals or purchases.

For more details, read this article on How Email Bombing Uses Spam to Hide an Attack.


Properties ID: 000607   Views: 56   Updated: 28 days ago
Filed under: