Picture this: your inbox is flooded with thousands of emails and attackers are waiting for you to slip up. This isn’t just spam, it’s a calculated attack. We’ll cover how Microsoft is stepping in with a new defense to prevent email bombing as we sit down and Sync Up with Rocket IT’s weekly technology update.

In this video, you’ll hear more about:

• A sneaky way attackers use email overload to break in
• Microsoft’s latest security update for Outlook users
• How a new feature helps spot attacks before they escalate
• Why fake IT support calls are on the rise
• What businesses can do to stay protected

Video Transcript

This week, we’re looking at a new update to Microsoft Defender for Office 365, and why it matters more than ever.

If you’re not familiar with Defender for Office 365, it’s Microsoft’s built-in protection that helps businesses block dangerous emails, links, and files before they ever reach your team. It works behind the scenes in Outlook, SharePoint, Teams, and other Microsoft 365 tools to stop phishing, malware, and other threats in their tracks. But now, Microsoft is rolling out a new feature to automatically detect and block a rising threat called email bombing.

Email bombing is when an attacker floods your inbox with thousands of messages, often in just a few minutes. This spam uses automated tools to hit your email with might hundreds of newsletters and spam all at once.

Now, cyber criminals do this for two big reasons. First, it overwhelms your email so you miss important alerts of an attack. Second, it sets you up for what’s called a hybrid attack.

In a hybrid attack, the flood of emails is just a distraction. While you’re dealing with the chaos, someone calls pretending to be IT support. They might say they noticed the spike and want to help fix it. But really, they’re trying to trick you into giving them remote access to your computer. Once they’re in, they can steal data, install malware, or shut down your systems with ransomware.

Microsoft has seen this tactic used by major cybercrime groups, and it’s become increasingly common. That’s why they’ve introduced a new mail bombing detection system inside Defender for Office 365. It started rolling out in May of 2025 and should be active for everyone by the end of July.

Here’s how it works: Defender now tracks abnormal spikes in email volume across different sources and time windows. If it sees what looks like a mail bomb, it automatically moves those messages to the Junk folder and keeps your inbox ready for real alerts.

From a customer perspective, you don’t need to turn this feature on; it will be enabled by default when the update hits your account. If you’re not sure whether your organization has access to this feature yet, check for updates inside Microsoft 365’s security center or reach out to your IT partner. And if you don’t have someone managing these tools for you, that’s where a trusted IT provider, like Rocket IT, can help. Our team not only helps configure security features like this one, we also make sure your system is designed to prevent, detect, and respond to threats before they become business disruptions. To learn more about Rocket IT’s security offerings, contact us using the link in this video’s description. And to stay up to date on trending technology news, hit that subscribe button and the bell to catch us on next week’s episode of Sync Up with Rocket IT.