Major Security Update: Microsoft Defender Thwarts Email Bombing Attacks
Microsoft has recently launched a significant security update for Office 365. This update is designed to automatically block email bombing attacks, considered one of the most perilous forms of cybercrime. The new feature, named “Mail Bombing Detection”, began its rollout in late June and is expected to reach most users by the end of July 2025.
The Mail Bombing Detection feature is engineered to automatically identify and quarantine high-volume email flooding campaigns. These campaigns aim to inundate user inboxes with an extraordinarily high volume of messages in a short timeframe. Email bombing attacks serve dual malicious purposes:
- Overwhelming email infrastructure
- Burying important legitimate communications beneath waves of junk content
This feature is activated by default and requires no action from users. It provides organizations with enhanced protection against this increasingly common attack vector. Security Operations teams will gain visibility into these attacks through multiple interfaces within the Microsoft Defender portal. These interfaces include:
- Threat Explorer
- Email Entity View
- Email Summary Panel
This enhancement is part of Microsoft’s ongoing efforts to bolster its cybersecurity offerings in the face of escalating ransomware and cyberattack threats.