← Back to blog
2026-05-054 min read

I'm Getting Flooded with Confirmation Emails: Am I Under Attack?

Suddenly getting hundreds of sign-up confirmation emails from Reddit, Amazon, LinkedIn, and dozens of sites you've never heard of? You're not going mad. It's almost certainly not an accident. Here's what's happening and what to do right now.

Yes, this is an attack

If your inbox is suddenly filling up with confirmation emails, welcome emails, and newsletter opt-ins from dozens or hundreds of services you never signed up for, you're experiencing a registration bomb attack. Someone has taken your email address and submitted it to thousands of online signup forms simultaneously. Each service then does exactly what it's supposed to do: send you a confirmation email. None of those emails are spam in the traditional sense. That's what makes it so effective.

Why they're doing it

The flood is almost never the point. It's a distraction. While your inbox is paralysed under hundreds of thousands of emails, something else is happening: a fraudulent bank transfer, a password reset on one of your accounts, or an account takeover. The attack is designed to bury the confirmation of that action somewhere in the noise so you don't notice until it's too late. Check your bank accounts and any linked services immediately.

What to do right now

First: don't try to unsubscribe from everything. It will take hours, signal to the attacker that the address is active, and won't help with the next attack. Instead, create a filter that moves anything arriving in the next few hours to a separate folder, then go through your bank accounts, email account recovery options, and any financial services linked to your email. Look for anything that shouldn't be there.

How to find the email that matters

Sort your inbox by sender, not by time. The fraudulent transaction confirmation or password reset you're looking for will typically come from a sender you recognise: your bank, PayPal, a payroll system. Filter out the obvious noise (Reddit, LinkedIn, random newsletters) and focus on senders that have financial or account access significance. Act on anything suspicious immediately.

How to prevent it happening again

If this has happened once, your email address is on a list. It can happen again. The only permanent solution is an email gateway that sits in front of your mail server and detects the burst pattern before the flood reaches your inbox. MX Moat does this within 3-5 minutes of an attack starting, not through content filtering, but by recognising the network-level pattern of hundreds of first-time senders arriving simultaneously.

Frequently Asked Questions

I got hundreds of emails from Reddit specifically. What does that mean?

Reddit is commonly included in registration bomb scripts because it's a high-volume platform that sends confirmation emails quickly. Seeing Reddit, Amazon, LinkedIn, and similar platforms all at once is a strong indicator of a scripted attack rather than a coincidence.

Should I contact the sites that sent me emails?

It's not necessary and won't help much. The sites didn't do anything wrong; someone just used your email address on their signup forms. Focus your energy on checking for actual damage to your accounts rather than chasing individual senders.

How do I stop the emails that are already in my inbox?

Create a temporary email filter to move incoming messages matching "confirm", "verify", "welcome", or "subscription" to a separate folder. This keeps your inbox usable while you investigate. After a few hours the attack typically subsides on its own.

Have a question about protecting your domain?

Get in Touch →

Don't Wait for the Attack

Registration bombs don't send warnings. By the time you notice, 100,000 emails are already in your inbox. Protect your domain now.

Protect Your Domain →
🇪🇺 EU-hosted · GDPR compliant · Works with any email provider · Setup in 5 minutes