Microsoft has enhanced Defender for Office 365 to automatically detect and prevent email bombing attacks, which flood inboxes with excessive emails to overwhelm security systems. This new feature helps organizations maintain visibility and protect against tactics used by threat actors like BlackBasta and FIN7. #EmailBombing #ThreatActors
Keypoints
- Microsoft Defender for Office 365 now detects and blocks email bombing attacks automatically.
- The new βMail Bombingβ detection feature is enabled by default and requires no manual setup.
- Threat actors use email flooding to overwhelm inboxes and facilitate subsequent malware or ransomware attacks.
- Attack techniques have been used by groups like BlackBasta, 3AM ransomware, and FIN7.
- Mail bombing often leads to social engineering schemes, such as voice phishing and credential theft.