FPJ Cyber Secure: Mumbai Police Issues Advisory On Email Bombing For Citizens To Stay Safe From Online Threat

The Mumbai police on Friday issued an advisory for citizens on a lurking email bomb cyber attack. An email bomb is a form of net abuse that sends large volumes of email to an address, making the mailbox overflow and overwhelm the server. This smoke screen distracts the attention from important email messages, indicating a security breach.

Methods Of Email Bomb Attack

There are three ways of carrying out an email bomb attack, including mass mailing, linking lists, and zip bombing, according to the advisory.

‘‘Mass mailing consists of sending numerous duplicate emails to the same email address. These types of mail bombs are simple to design but their extreme simplicity means they can be easily detected by spam filters. Email-bombing using mass mailing is also commonly performed as a Distributed Denial-of-Service attack by employing the use of botnets, hierarchical networks of computers compromised by malware and under the attacker's control,” the advisory states.

The advisory further reads, “As in spamming, the attacker instructs the botnet to send out millions of emails, but unlike normal botnet spamming, the emails are all addressed to only one or a few addresses the attacker wishes to flood,” it said.

“This type of attack is more difficult to defend against than a simple mass-mailing bomb because of the multiple source addresses and the possibility of each infected computer sending a different message or employing stealth techniques to defeat spam filters,” it said, adding that “a zip bomb is a variant of mail-bombing”.

Details On Email Cluster Bomb Attack

“List linking, also known as ‘email cluster bomb’, means signing a particular email address up to several email list subscriptions. The victim then has to unsubscribe from these unwanted services manually. The attack can be carried out automatically with simple scripts,” said the advisory.

“This is easy, almost impossible to trace back to the perpetrator, and potentially very destructive. To prevent this type of bombing, most email subscription services send a confirmation email to a person’s inbox,” it said.

“It is generally advisable not to click any links or open attachments from unknown sources. If you receive an email bomb, report it immediately. You should also notify your internet service provider and see if they have any solutions or suggestions for protecting yourself from future attacks,” according to the advisory.