Recently, one of our clients called us with an annoying email issue that they just couldn’t quite figure out. Why in the world were they suddenly receiving thousands of unwanted subscriptions, email newsletters and online account registrations? How could they make it stop? It’s called an email bomb and they are often a cover up for something much worse than a flooded inbox.

The prime reason these email bombs happen is to bury a legitimate email alerting you to a purchase made with one of your accounts. That’s right- the real problem here is that someone has stolen some form of your payment info and made a fraudulent charge. This is exactly what happened to the aforementioned client. They had a buried notification from PayPal among these emails.

The average person would select all these unwanted messages and mark them as spam or mass delete them, right? That’s exactly what the scammer wants you to do. Doing this increases the odds that you’ll select the legitimate email for deletion without verifying validity. Also, these emails aren’t caught by spam filters because technically they aren’t spam. These scammers use a bot to sign you up for all of these accounts with your valid email address. This  “denial-of-service” style attack can even be an attempt to make a machine or network resource unavailable so the warning email about a charge never gets through. Email providers, like Google, can have a limit of 10,000 emails per day so once that limit is reached, valid emails won’t be delivered.

So what do you do if you’re email bombed? First thing is to check all of your financial accounts for a fraudulent charge. Check anything that may have saved payment information like bank accounts, PayPal, VenMo, etc. Alert the entities to any fraudulent charges and take necessary steps to remedy. These hackers have even been known to access your cell phone provider account to order new phones and devices too.

Second, the hackers had to obtain your financial login or password information from somewhere, right? That means you could very likely have malware or spyware installed on your main device. Make sure to change your passwords on all accounts immediately but do this from a different computer.  Contact your IT department or provider immediately to have your device scanned for malware and/or spyware.

Third, as grueling as it may be, sort through the emails to see if one or more may be an authentic notification of a charge. For most of the emails, if you simply delete them without “confirming” or “verifying”, they will die off in frequency. Otherwise, if the email isn’t seeking confirmation, you may need to unsubscribe to get the emails to stop. Marking them as spam can do the trick, too, except keep in mind that doing so can damage the sender’s online reputation.

Last, set up rules for incoming emails. You can filter by keywords like “subscription”, “newsletter” and the like so these emails will go to a folder for you to sort through at a later date. You can also makes rules like “always allow” emails from specific senders like PayPal and they can be flagged or highlighted to catch your attention.

For help, if you’re a Miller Group client or would like to be, call us at 314-822-8090 or create a support ticket through one of these methods.