- A new feature for Microsoft Defender for Office 365 is currently being rolled out
- It sends all E -Mail -bom messages to the Junk folder
- Most users need to get it at the end of July 2025
E -Mail bombing, one of the more dangerous cybercrime tactics, will now automatically be identified and mitigated in Office 365 thanks to a new Microsoft Defense Update.
The feature, which was already starting to roll out and had to reach most users in late July 2025, now sends all E emails identified as part of an E email campaign just to the unwanted folder.
What is even better – when introduced, the new feature is turned on by default and requires no action from the user.
Installation of malware
“We are introducing a new detection ability in Microsoft Defender for Office 365 to help protect your organization from a growing threat called E -Mail bombing,” Microsoft said in his message center update.
“This type of abuse floods mailboxes with large quantities of e -mail to hide important messages or overwhelming systems. The new ‘post bombing’ detection identifies and blocks these attacks automatically, which automatically helps security teams maintain visibility in real threats.”
E -mail bombing is a tactic where threat players find a victim, and then send hundreds or even thousands of unwanted E emails in quick order (usually in minutes or hours).
E emails are sent either by subscribing to the victim to countless newsletters at once or by using a dedicated cyber criminal service. In any case, the large amount of messages overwhelm the inbox and confuses the victim.
The second step is to cold call the victim, identify as a member of the IT staff, tell them that there is a company-covering problem with emails and requesting access to the computer through remote desktop solutions.
When the striker gets access, they can drop malware, exfiltrate access codes and other sensitive data or implement ransomware.
Several hacking groups have used E -Mail bombing in their attacks, including Blackbasta, 3 AM Ransomware -associated companies and cyber criminals attached to the Fin7 group.
Once introduced, the new feature will be turned on by default and requires no action from the user.
Via Bleeping computer
