One or more users are receiving thousands of emails from different subscription websites in a short period of time.
Subscription Bombing happens when a victim’s email address is harvested from the web and entered into thousands of web forms simultaneously by bots, resulting in a barrage of unwanted messages (sometimes as many as 20k+) to the victim’s mailbox. When this happens, the victim’s email address will often become unusable as a result of the sheer volume of mail that’s delivered to the single email address.
This type of attack is almost impossible to prevent because a user with a valid email address can spam any other valid email address, newsgroup, or bulletin-board service. In this case, the attack can be carried out automatically with simple scripts submitting the email address to thousands of unprotected registration forms without proper sign-up verification such as implementing CAPTCHA or Opt-in email.
Due to the nature of the attack where the e-mail address(s) are typically signed up to multiple legitimate mailing lists which makes it very difficult for detection as these would generally be legitimate mailings.
To help mitigate the attack, make sure to: