A new feature for Microsoft Defender for Office 365 is currently being rolled outIt will send all email bombing messages to the junk folderMost users should get it by the end of July 2025Email bombing, one of the more dangerous cybercrime tactics, will now automatically be identified and mitigated in Office 365 thanks to a new Microsoft Defender update.The feature, which already started rolling out, and should reach most users by the end of July 2025, will now send all emails identified as part of an email bombing campaign, straight to the junk folder.What's even better - once introduced, the new feature will be turned on by default, requiring no action from the user’s side.Get 55% off Incogni's Data Removal service with code TECHRADAR Wipe your personal data off the internet with the Incogni data removal service. Stop identity thievesand protect your privacy from unwanted spam and scam calls.View DealInstalling malware"We're introducing a new detection capability in Microsoft Defender for Office 365 to help protect your organization from a growing threat known as email bombing," Microsoft said in its message center update."This form of abuse floods mailboxes with high volumes of email to obscure important messages or overwhelm systems. The new 'Mail Bombing' detection will automatically identify and block these attacks, helping security teams maintain visibility into real threats."Email bombing is a tactic in which threat actors find a victim, and then send hundreds, or even thousands, of junk emails in quick succession (usually in minutes, or hours).The emails are sent either by subscribing the victim to countless newsletters at once, or by using a dedicated cybercriminal service. In any case, the sheer volume of messages overwhelms the inbox and confuses the victim.The second step is to cold-call the victim, identify as a member of the IT staff, tell them there is a company-wide problem with emails, and request access to the computer through remote desktop solutions.Once the attackers gain access, they can drop malware, exfiltrate passwords and other sensitive data, or deploy ransomware.Multiple hacking groups have been using email bombing in their attacks, including BlackBasta, 3AM ransomware affiliates, and cybercriminals linked to the FIN7 group.Once introduced, the new feature will be turned on by default, requiring no action from the user’s side.Via BleepingComputerYou might also likeMicrosoft Teams abused in Russian email bombing ransomware campaignTake a look at our guide to the best authenticator appWe've rounded up the best password managers