I work the email security company xorlab[0], where my colleagues and I did a thorough analysis of real subscription/email bombing waves that we saw at our customers[1].

Here are some interesting additional information from the attacks we analyzed:

* Email bombing as a service is a thing, where you can buy 10,000 credits for $10 and easily bomb target inboxes with over 2000 emails per hour.

* Most all email bombing attacks starts in the morning, between 8-10.

* Most common day of attack is Friday

[0] https://www.xorlab.com/en/

[1] https://www.xorlab.com/en/blog/from-chaos-to-control-insight...