A significant new measure is being rolled out to combat malicious attacks targeting user inboxes. Email bombing, a disruptive form of denial-of-service (DoS) attack, involves overwhelming a specific email address with a massive flood of unwanted messages. This tactic not only makes it impossible for users to find legitimate communications but can also be used to conceal notifications of other malicious activities occurring simultaneously.
Recognizing the growing threat of this particular attack vector, enhanced security measures are now being implemented. This crucial protection focuses on identifying and mitigating large-scale inbound email floods directed at individual recipients within environments like Microsoft 365 Exchange Online.
The system detects anomalous patterns of extremely high volume email traffic aimed at a single inbox over a short period. Upon identifying such a pattern indicative of an email bombing attack, the new protection automatically takes action. It intelligently throttles or temporarily defers incoming emails that are deemed part of the suspected flood from external senders.
This targeted approach helps prevent the target inbox from becoming completely unusable, allowing users to still receive crucial internal emails relatively normally while the flood of external junk is held back. This new capability adds another layer of defense against sophisticated email-based threats, significantly improving the resilience and usability of inboxes when under attack and enhancing overall email security.
Source: https://www.helpnetsecurity.com/2025/07/01/microsoft-introduces-protection-against-email-bombing/
