Email subscription bombing, also known as subscription flooding, is an emerging attack vector in which an attacker subscribes the victim to thousands of mailing lists, flooding the victim's mailbox. The objectives of such attacks vary widely—from nuisance and distraction to more serious goals, including obscuring password reset emails within a flood of irrelevant content or priming victims for follow-up impersonation attacks. Based on our analysis of 24 real subscription bombing attack campaigns with 46,970 unwanted emails, we provide insights into operational patterns of these campaigns, examine subscription bombing services offered on the dark web, and discuss mitigation strategies such as automated unsubscription.
Payer et al. (Wed,) studied this question.