Microsoft says that its protector for Office 365 Cloud-based email security suits will now automatically detect and block email bombing attacks.
Defenders for Office 365 (formerly known as Office 365 Advanced Threat Protection or Office 365 ATP) protects organizations working in high -risk industries and deal with dangers refined by evil messages, links and cooperation equipment.
“We are presenting a new identity capacity in Microsoft defender for Office 365 to help our organization to protect our organization from the danger known as email bombing,” Redmand Tell me Microsoft 365 Message Center in update.
“This form of misuse floods the mailbox with high versions of emails to obscure important messages or heavy systems. Detecting the new ‘mail bombing’ will automatically identify and block these attacks, which will help the security teams maintain visibility in real threats.”
The new ‘mail bombing’ facility began at the end of June 2025 and is expected to reach all organizations by the end of July. It will be togle by default, it requires no manual configuration, and automatically the junk folder will automatically send all the messages identified as part of the mail bombing campaign.
As a company Explained In the weekend, the mail bombing is now available as a new identity type in the danger, email unit page, email summary panel and advanced hunting for safety operating analysts and administrators.
In mail -bombing attacks, the danger actors flooded the email inbox of their goals within minutes with thousands or tens of messages, either by giving them a large number of newspapers or using a dedicated cybercrime services that can send a large number of emails.
In most cases, the final goal of the attackers is to overload email safety systems as part of social engineering schemes, which paves the way for malware or ransomware attacks that can help exfiltrate sensitive data from the compromised systems of the victims.
Email bombing has been employed in attacks by various cyber crime and ransomware groups for more than a year. It began with the Blackbasta gang, which used this strategy to fill the mailbox of its victims within a few minutes before launching its attacks.
They will follow with Voice Fishing Cold Calls, present their IT support teams, prepares to give employees remote access to their equipment to give remote access using andesk or built-in Windows Quick Assist Tool to give remote access to their equipment.
After infiltrating your system, the attackers will deploy various malicious equipment and malware implants, allowing the ransomware payload to be able to move later through the corporate network before deploying the ransomware payload.
Recently, email bombing has been associated with the Fin7 group by 3AM ranges and cyber criminals, which has also spoiled IT support in social engineering attacks with the aim of persuading employees to give their credentials for remote access to corporate systems.
Patching meant complex scripts, long and endless fire drills. No more.
In this new guide, the tines break down how it is leveling with modern organ automation. Patch fast, reduce overhead, and focus on strategic tasks – no complex script is required.
