Comment by tmdetect

I think it’s fairly clear from everyone’s comments that this is a card testing scheme. Now it’s how you respond to it that matters.

You’re essentially playing a game of cat and mouse. There’s 12 new domains added today for one provider for example [0].

Use a 3rd party api to block these (disclaimer, this is what I do) and keep layering your security. Note that I’ve seen an increase in gmail temporary email providers, so while many here will disagree, blocking plus emails and . emails is absolutely a valid tactic during this attack period.

[0] https://tempmaildetector.com/provider/temp-mail.org