A new tool called SpamGPT appeared on underground forums and quickly became the talk of the cybersecurity world. The system combines generative AI with a full-fledged mass mailing system and is positioned as a turnkey solution for phishing campaigns. Its developers openly refer to the product as "spam-as-a-service," emphasizing that it combines all the features of a professional marketing platform but is used for illegal activities.
SpamGPT's interface mimics legitimate email marketing services: it includes modules for campaign management, SMTP and IMAP settings, delivery verification, and analytics. The dark dashboard is accompanied by a built-in KaliGPT assistant, which generates email text, selects subject lines, and even offers advice on how to increase victim engagement. Automated message delivery control is implemented through real-time mailbox monitoring, allowing operators to immediately see whether an email has reached the inbox or been filtered.
The creators claim the platform is optimized to bypass filters in Gmail, Outlook, Yahoo, and Microsoft 365, and uses cloud services like AWS and SendGrid to disguise malicious traffic as legitimate. The focus is not only on scalability but also on guaranteed delivery: the tool doesn't just send emails, it ensures they reach recipients' primary folders.
The kit includes a "training course on SMTP hacking," which explains how to obtain and generate servers for mailings. Users are shown how to take over weakly protected or misconfigured mail hosts, as well as how to create an unlimited number of SMTP accounts. The control panel supports bulk server import, health checks, and load balancing across dozens of sources, making attacks resilient and scalable.
A key part of the kit are tools for sender spoofing and custom header creation. This allows attackers to impersonate trusted domains and brands, bypassing basic security mechanisms. Without a strict DMARC, SPF, or DKIM policy, the likelihood of successful fraud increases exponentially. The campaigns themselves are created through a system reminiscent of a CRM: attackers can set templates, schedule mailings, switch servers, and track detailed open and click statistics.
Essentially, SpamGPT has transformed a complex process into a construction kit accessible even to inexperienced cybercriminals. Everything that previously required a team of programmers is now performed through a user-friendly interface by a single operator for a fee of approximately $5,000. This dramatically lowers the barrier to entry and makes mass phishing attacks even more accessible.
Experts warn that to counter such attacks, companies need to strengthen email domain security. Configuring DMARC, SPF, and DKIM is essential, as is implementing modern anti-phishing systems powered by machine learning that can detect signs of generative text and atypical email patterns. Only a combination of technology, information sharing, and collaborative monitoring will allow companies to stay ahead of attackers using AI for automation.
SpamGPT's interface mimics legitimate email marketing services: it includes modules for campaign management, SMTP and IMAP settings, delivery verification, and analytics. The dark dashboard is accompanied by a built-in KaliGPT assistant, which generates email text, selects subject lines, and even offers advice on how to increase victim engagement. Automated message delivery control is implemented through real-time mailbox monitoring, allowing operators to immediately see whether an email has reached the inbox or been filtered.
The creators claim the platform is optimized to bypass filters in Gmail, Outlook, Yahoo, and Microsoft 365, and uses cloud services like AWS and SendGrid to disguise malicious traffic as legitimate. The focus is not only on scalability but also on guaranteed delivery: the tool doesn't just send emails, it ensures they reach recipients' primary folders.
The kit includes a "training course on SMTP hacking," which explains how to obtain and generate servers for mailings. Users are shown how to take over weakly protected or misconfigured mail hosts, as well as how to create an unlimited number of SMTP accounts. The control panel supports bulk server import, health checks, and load balancing across dozens of sources, making attacks resilient and scalable.
A key part of the kit are tools for sender spoofing and custom header creation. This allows attackers to impersonate trusted domains and brands, bypassing basic security mechanisms. Without a strict DMARC, SPF, or DKIM policy, the likelihood of successful fraud increases exponentially. The campaigns themselves are created through a system reminiscent of a CRM: attackers can set templates, schedule mailings, switch servers, and track detailed open and click statistics.
Essentially, SpamGPT has transformed a complex process into a construction kit accessible even to inexperienced cybercriminals. Everything that previously required a team of programmers is now performed through a user-friendly interface by a single operator for a fee of approximately $5,000. This dramatically lowers the barrier to entry and makes mass phishing attacks even more accessible.
Experts warn that to counter such attacks, companies need to strengthen email domain security. Configuring DMARC, SPF, and DKIM is essential, as is implementing modern anti-phishing systems powered by machine learning that can detect signs of generative text and atypical email patterns. Only a combination of technology, information sharing, and collaborative monitoring will allow companies to stay ahead of attackers using AI for automation.