I woke Saturday morning to about 3500 new messages in my email box. After sorting through a few I realizes the majority of the emails were new subscription notifications, asking me to either confirm my signup or welcoming me to their site. I was the target of am email bomb attack.
While I had heard of these attacks, I hadn’t paid a ton of attention to them. Email bomb attacks harness a botnet to hit websites known to not use confirmation technology, such as CAPTCHA, to secure their web forms. As a result, bots can fill out the forms without challenge. I was now a fan of things I didn’t know would warrant their own website, much less a fan base.
So why me? I knew the answer to that right away, the attackers wanted to obfuscate something. I checked my credit, no inquiries or new accounts. I checked my bank, no unexpected transactions. I checked my credit cards, and that’s when I found it. My primary Visa that I use for online shopping had been compromised, and there were two new charges totaling $8,500! I was able to reach out to Citi and get everything taken care of in short order. Side note, I’ve been nothing but happy with Citi since Costco switched from AmEx to the Citi Visa.
Take note, if you see strange activity be aware that there’s likely more to the story. Be diligent, as the bad guys definitely will be. They’re good at what they do and you’re not good at understanding what they are doing. Check anything and everything to know if there is more to the story than just some unwanted emails.
Here’s a great resource for learning more about these types of attacks, from How-To Geek.
