One day, our support inbox started receiving a strange wave of registration confirmation emails.

Not spam in the usual sense — these were legitimate emails from real services:

  • mailing lists
  • local community platforms
  • press release submission sites
  • account verification systems

The strange part was that none of us had signed up for any of them.

Since Xoxzo customer support is basically handled by me, I immediately knew something was off.

At first I thought:

“Wait… is someone using our support address to register for random services?”

But then another question came up:

Why?

It seemed like an oddly time-consuming way to annoy someone.

As it turns out, this kind of attack actually has a name: Subscription Bombing (sometimes also called Email Bombing).

Sometimes modern spam is less about malicious attachments and more about operational noise.

subscription bombing email bombing support operations operational security inbox flooding
Aiko Yokoyama

Aiko Yokoyama

Customer Success and Operations

Joined January 2014. Experienced as a clerk in Foreign Trading company, started and maintained an online supplement store. Lived in overseas for 15 years. Looking forward to communicating our customers with the broad view based on those experience.