212:
to trace back to the perpetrator, and potentially very destructive. A massive attack of this kind targeting .gov email addresses was observed in August 2016. The Email messages in the flood are not spoofed: these are typically confirmation emails for newsletters and subscriptions for legitimate
Internet services. The attacker exploits web sites that allow Internet clients to register to some service with their Email address. The attacker registers the victim with its Email address to multiple such services, which as a result send Emails to the victim.
216:
without abandoning subscription forms. After a subscription form is filled out, the website would dynamically create a mailto link to itself. A legitimate user would then send a message to validate the request without receiving any email from the website. While the sender's email could be spoofed, the sender's SMTP IP address cannot. The list manager can therefore verify that the email in the form request matches the originating SMTP server in the validation message.
196:, the attacker instructs the botnet to send out millions of emails, but unlike normal botnet spamming, the emails are all addressed to only one or a few addresses the attacker wishes to flood. This form of email bombing is similar to other denial-of-service flooding attacks. As the targets are frequently the dedicated hosts handling website and email accounts of a business, this type of attack can be devastating to both services of the host.
25:
215:
In order to prevent this type of bombing, most email subscription services send a confirmation email to a person's inbox when that email is used to register for a subscription. However, even the confirmation emails contribute to the attack. A better defense would prevent websites from being exploited
211:
List linking, also known as "email cluster bomb", means signing a particular email address up to several email list subscriptions. The victim then has to unsubscribe from these unwanted services manually. The attack can be carried out automatically with simple scripts: this is easy, almost impossible
223:
signing up a specific email address to a multitude of services can be used to distract the view from important emails indicating that a security breach has happened elsewhere. If, for example, an Amazon account has been hacked, the hacker may contrive to have a flood of confirmation emails sent to
256:, mail server software was then configured to unpack archives and check their contents as well. A new idea to combat this solution was composing a "bomb" consisting of an enormous text file, containing, for example, only the letter
297:
have since been banned as a means of sending text bombs. The text messages may also lead to high phone bill charges on some mobile plans. Additionally, certain phone apps have also been created to prevent text bombs on
Android OS.
260:
repeating millions of times. Such a file compresses into a relatively small archive, but its unpacking (especially by early versions of mail servers) would use a greater amount of processing, which could result in a
224:
the email address associated with the account to mask the fact that the Amazon shipment address has been changed and purchases have been made by the hacker.
199:
This type of attack is more difficult to defend against than a simple mass-mailing bomb because of the multiple source addresses and the possibility of each
440:
316:
567:
89:
659:
121:
This article is about denial-of-service attacks. For spikes of "reply all" messages on an email distribution list, see
61:
508:
108:
340:
176:. These types of mail bombs are simple to design but their extreme simplicity means they can be easily detected by
68:
524:
46:
554:. 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks. IEEE. pp. 286–293.
473:
Jakobsson, Markus; Menczer, Filippo (2010-01-01). Huang, Scott C.-H.; MacCallum, David; Du, Ding-Zhu (eds.).
75:
415:
42:
602:
294:
57:
393:
262:
181:
164:
There are three methods of perpetrating an email bomb: mass mailing, list linking and zip bombing.
145:
35:
629:
488:
548:
Schneider, Markus; Shulman, Haya; Sidis, Adi; Sidis, Ravid; Waidner, Michael (June 2020).
236:
is a variant of mail-bombing. After most commercial mail servers began checking mail with
220:
8:
237:
492:
82:
478:
274:
200:
141:
563:
504:
396:, Application Security, Industry Perspective, December 1st 2016, In: amperva.com/blog
270:
249:
245:
203:
sending a different message or employing stealth techniques to defeat spam filters.
555:
496:
285:
A "text bomb" is a similar variant of sending a large number of text messages over
177:
153:
559:
549:
500:
654:
639:
365:
648:
290:
173:
149:
122:
193:
172:
Mass mailing consists of sending numerous duplicate emails to the same
634:
152:
to distract the attention from important email messages indicating a
24:
483:
233:
180:. Email-bombing using mass mailing is also commonly performed as a
129:
317:"10 Types Of Cyber Crimes... And Another 10 You've Never Heard Of"
583:
266:
189:
185:
394:
How
Registration Bots Concealed the Hacking of My Amazon Account
525:"Massive Email Bombs Target .Gov Addresses — Krebs on Security"
416:"Email bomb | Informatics Engineering | 2878 | p2k.unaki.ac.id"
253:
137:
547:
192:
and under the attacker's control. Similar to their use in
286:
241:
439:
Jakobsson, Markus; Menczer, Filippo (December 2003).
140:
to an address to overflow the mailbox, overwhelm the
188:; hierarchical networks of computers compromised by
219:A large number of confirmation emails initiated by
136:is a form of net abuse that sends large volumes of
49:. Unsourced material may be challenged and removed.
603:"Why Every Parent Needs To Know About Text Bombs"
646:
472:
438:
366:"Email Bombing and ways to protect yourself"
240:and filtering certain malicious file types,
277:if the server checks nested archive files.
584:"research!rsc: Zip Files All The Way Down"
388:
386:
482:
293:or online harassment. Apps online on the
109:Learn how and when to remove this message
600:
383:
144:where the email address is hosted in a
647:
475:Web Forms and Untraceable DDoS Attacks
314:
468:
466:
410:
408:
406:
404:
402:
280:
47:adding citations to reliable sources
18:
13:
184:by employing the use of "zombies"
14:
671:
630:CERT - Email Bombing and Spamming
623:
463:
441:"Untraceable Email Cluster Bombs"
399:
23:
594:
576:
477:. Springer US. pp. 77–95.
206:
167:
34:needs additional citations for
541:
517:
432:
358:
341:"The Return of Email Flooding"
333:
308:
289:. The technique is a means of
227:
1:
640:Diving into Email Bomb Attack
551:Diving into Email Bomb Attack
301:
7:
635:Email Cluster Bomb Research
601:Brenoff, Ann (2013-11-01).
560:10.1109/DSN48063.2020.00045
501:10.1007/978-0-387-73821-5_4
10:
676:
159:
120:
660:Denial-of-service attacks
295:Android operating system
269:file can even contain a
182:denial-of-service attack
146:denial-of-service attack
16:Malicious email abuse
43:improve this article
529:krebsonsecurity.com
493:2010nese.book...77J
238:anti-virus software
588:research.swtch.com
347:. 29 November 2018
275:infinite recursion
569:978-1-7281-5809-9
281:Text message bomb
263:Denial of Service
221:registration bots
119:
118:
111:
93:
667:
617:
616:
614:
613:
598:
592:
591:
580:
574:
573:
545:
539:
538:
536:
535:
521:
515:
514:
486:
470:
461:
460:
458:
456:
436:
430:
429:
427:
426:
412:
397:
390:
381:
380:
378:
377:
370:The Windows Club
362:
356:
355:
353:
352:
337:
331:
330:
328:
327:
321:www.silverbug.it
312:
114:
107:
103:
100:
94:
92:
51:
27:
19:
675:
674:
670:
669:
668:
666:
665:
664:
645:
644:
626:
621:
620:
611:
609:
607:Huffington Post
599:
595:
582:
581:
577:
570:
546:
542:
533:
531:
523:
522:
518:
511:
471:
464:
454:
452:
437:
433:
424:
422:
420:p2k.unaki.ac.id
414:
413:
400:
392:Dima Bekerman:
391:
384:
375:
373:
364:
363:
359:
350:
348:
339:
338:
334:
325:
323:
313:
309:
304:
283:
230:
209:
201:zombie computer
170:
162:
154:security breach
126:
115:
104:
98:
95:
52:
50:
40:
28:
17:
12:
11:
5:
673:
663:
662:
657:
643:
642:
637:
632:
625:
624:External links
622:
619:
618:
593:
575:
568:
540:
516:
509:
462:
431:
398:
382:
357:
332:
306:
305:
303:
300:
282:
279:
271:copy of itself
229:
226:
208:
205:
169:
166:
161:
158:
117:
116:
31:
29:
22:
15:
9:
6:
4:
3:
2:
672:
661:
658:
656:
653:
652:
650:
641:
638:
636:
633:
631:
628:
627:
608:
604:
597:
589:
585:
579:
571:
565:
561:
557:
553:
552:
544:
530:
526:
520:
512:
510:9780387738208
506:
502:
498:
494:
490:
485:
480:
476:
469:
467:
450:
446:
442:
435:
421:
417:
411:
409:
407:
405:
403:
395:
389:
387:
371:
367:
361:
346:
342:
336:
322:
318:
311:
307:
299:
296:
292:
291:cyberbullying
288:
278:
276:
272:
268:
264:
259:
255:
251:
247:
243:
239:
235:
225:
222:
217:
213:
204:
202:
197:
195:
191:
187:
183:
179:
175:
174:email address
165:
157:
155:
151:
147:
143:
139:
135:
131:
124:
113:
110:
102:
91:
88:
84:
81:
77:
74:
70:
67:
63:
60: –
59:
55:
54:Find sources:
48:
44:
38:
37:
32:This article
30:
26:
21:
20:
610:. Retrieved
606:
596:
587:
578:
550:
543:
532:. Retrieved
528:
519:
474:
453:. Retrieved
448:
444:
434:
423:. Retrieved
419:
374:. Retrieved
372:. 2017-05-04
369:
360:
349:. Retrieved
345:Dark Reading
344:
335:
324:. Retrieved
320:
310:
284:
257:
231:
218:
214:
210:
207:List linking
198:
178:spam filters
171:
168:Mass mailing
163:
150:smoke screen
133:
127:
105:
96:
86:
79:
72:
65:
58:"Email bomb"
53:
41:Please help
36:verification
33:
315:Silverbug.
265:. A ZIP or
228:Zip bombing
123:email storm
99:August 2016
649:Categories
612:2017-12-30
534:2016-08-23
484:cs/0305042
425:2023-04-30
376:2019-04-25
351:2019-04-25
326:2019-04-25
302:References
273:, causing
134:email bomb
132:usage, an
69:newspapers
455:23 August
234:ZIP bomb
194:spamming
148:or as a
130:Internet
489:Bibcode
267:.tar.gz
190:malware
186:botnets
160:Methods
83:scholar
566:
507:
142:server
85:
78:
71:
64:
56:
655:Email
479:arXiv
445:Login
254:7-Zip
138:email
90:JSTOR
76:books
564:ISBN
505:ISBN
457:2016
62:news
556:doi
497:doi
451:(6)
287:SMS
250:Zip
246:RAR
242:EXE
156:.
128:On
45:by
651::
605:.
586:.
562:.
527:.
503:.
495:.
487:.
465:^
449:28
447:.
443:.
418:.
401:^
385:^
368:.
343:.
319:.
252:,
248:,
244:,
232:A
615:.
590:.
572:.
558::
537:.
513:.
499::
491::
481::
459:.
428:.
379:.
354:.
329:.
258:z
125:.
112:)
106:(
101:)
97:(
87:·
80:·
73:·
66:·
39:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.
