• Business

    ​’A CRM for cybercriminals’ – SpamGPT makes cybercriminals’ wildest dreams come true with business-grade marketing tools and features

    AnyFans Posted on

    By Efosa Udinmwen

    Copyright techradar

    ​'A CRM for cybercriminals' - SpamGPT makes cybercriminals' wildest dreams come true with business-grade marketing tools and features

    Skip to main content

    Tech Radar Pro

    Tech Radar Gaming

    Close main menu

    the business technology experts

    België (Nederlands)

    Deutschland

    North America

    US (English)

    Australasia

    New Zealand

    View Profile

    Search TechRadar

    Expert Insights

    Website builders

    Web hosting

    Best web hosting
    Best office chairs
    Best website builder
    Best antivirus
    Expert Insights

    Don’t miss these

    Democratized cybercrime: a new lower bar for hackers and higher stakes for security

    Hook, line and sinker: how to detect and protect your business from phishing attacks

    Hackers are using fake Zoom or Microsoft Teams invites to spy on all your workplace activity

    Watch out AI fans – cybercriminals are using jailbroken Mistral and Grok tools to build powerful new malware

    SMBs are being hit by malicious productivity tools – Zoom and ChatGPT spoofed by hackers

    Cyber Crime
    5 worrying ways AI is being used by cybercriminals to target millions of victims

    Enterprise security faces new challenge as attackers master art of digital impersonation

    Phishing emails are getting smarter – and using some new tricks to snare victims

    Double check your Microsoft 365 and Google accounts – this VoidProxy phishing service is hitting them hard

    AI-powered phishing attacks are on the rise and getting smarter – here’s how to stay safe

    How XWorm is fueling the rise of plug-and-play malware

    What is DMARC and why it could prevent your organization from being hacked by cybercriminals

    Criminals and scammers are using hacked websites and expired domain names to ‘poison’ ChatGPT with spammy recommendations – here’s how to stay safe

    Top AI website builder Lovable hit in worrying cyberattack – here’s what we know

    Malicious URLs and phishing scams remain a constant threat for businesses – here’s what can be done

    ​’A CRM for cybercriminals’ – SpamGPT makes cybercriminals’ wildest dreams come true with business-grade marketing tools and features

    Efosa Udinmwen

    20 September 2025

    SpamGPT reduces the skill barrier for mass spam and ransomware campaigns

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

    (Image credit: Shutterstock)

    SpamGPT turns phishing into an automated process with minimal expertise
    Attackers can rotate multiple SMTP servers to dodge email throttling
    Real-time inbox monitoring enables immediate adjustments to phishing strategies

    Many of us are familiar with ChatGPT, but you may not have heard of SpamGPT, a new professional-grade email campaign tool created for cybercriminals.

    Researchers at Varonis have revealed this platform offers “all the conveniences a Fortune 500 marketer might expect, but adapted for cybercrime.”
    Its interface copies legitimate marketing dashboards, enabling attackers to design, schedule, and monitor large-scale spam and phishing operations with minimal technical expertise.

    You may like

    Democratized cybercrime: a new lower bar for hackers and higher stakes for security

    Hook, line and sinker: how to detect and protect your business from phishing attacks

    Hackers are using fake Zoom or Microsoft Teams invites to spy on all your workplace activity

    Infrastructure and deliverability capabilities
    By integrating AI tools directly into the platform, SpamGPT can generate convincing phishing content, refine subject lines, and suggest optimizations for scams.

    This shifts phishing from a craft requiring skill to a process that even low-level criminals can execute.
    “SpamGPT is essentially a CRM for cybercriminals, automating phishing at scale, personalizing attacks with stolen data, and optimizing conversion rates much like a seasoned marketer would. It’s also a chilling reminder that threat actors are embracing AI tools just as fast as defenders are,” said Rob Sobers, CMO at Varonis.
    SpamGPT’s built-in modules handle SMTP/IMAP setup, inbox monitoring, and deliverability testing.

    Are you a pro? Subscribe to our newsletter
    Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
    Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.
    Attackers can bulk import SMTP credentials, validate them through a built-in checker, and rotate multiple servers to avoid throttling.
    IMAP monitoring allows them to observe replies, bounces, and inbox placement.
    Its automated inbox check feature sends test messages and instantly verifies whether they reached the inbox or spam folder, providing real-time feedback before campaigns go live.

    You may like

    Democratized cybercrime: a new lower bar for hackers and higher stakes for security

    Hook, line and sinker: how to detect and protect your business from phishing attacks

    Hackers are using fake Zoom or Microsoft Teams invites to spy on all your workplace activity

    These functions, combined with campaign analytics, mirror legitimate marketing CRMs but are repurposed to facilitate phishing, ransomware, or other malicious payloads.
    SpamGPT’s developers market the toolkit as an all-in-one spam-as-a-service solution.
    By offering a straightforward graphical interface and detailed documentation, it reduces the need for specialized skills or deep knowledge of email protocols.
    Features like “SMTP cracking mastery” tutorials instruct buyers on acquiring or compromising servers, while custom header options allow spoofing of trusted brands or domains.
    This makes it possible for attackers with limited experience to bypass basic email authentication protections and deploy campaigns at scale.
    The rise of SpamGPT suggests that phishing and ransomware incidents could become more frequent and advanced.
    This campaign can also deliver malware disguised as harmless correspondence by bypassing spam filters and blending with legitimate mail traffic.
    While this may sound alarming, there are several measures individuals and enterprises can take to stay safe.
    How to stay safe

    Strengthen email authentication with DMARC, SPF, and DKIM to prevent spoofed domains.
    Deploy AI-powered tools to detect phishing emails generated by large language models.
    Maintain robust malware removal procedures and keep regular, updated data backups.
    Enforce multi-factor authentication on all accounts to limit stolen credential misuse.
    Provide continuous phishing awareness training so employees can recognize suspicious emails.
    Use network segmentation and least-privilege access controls to limit malware spread.
    Keep all software and security patches updated to close exploitable vulnerabilities.
    Test and refine an incident response plan to ensure quick, effective recovery.
    You might also like

    These are the best firewall offerings around today
    Common internet scams and how to avoid them
    Chinese firms now have just an hour to report cybersecurity incidents

    Efosa Udinmwen

    Freelance Journalist

    Efosa has been writing about technology for over 7 years, initially driven by curiosity but now fueled by a strong passion for the field. He holds both a Master’s and a PhD in sciences, which provided him with a solid foundation in analytical thinking. Efosa developed a keen interest in technology policy, specifically exploring the intersection of privacy, security, and politics. His research delves into how technological advancements influence regulatory frameworks and societal norms, particularly concerning data protection and cybersecurity. Upon joining TechRadar Pro, in addition to privacy and technology policy, he is also focused on B2B security products. Efosa can be contacted at this email: udinmwenefosa@gmail.com

    You must confirm your public display name before commenting

    Please logout and then login again, you will then be prompted to enter your display name.

    Democratized cybercrime: a new lower bar for hackers and higher stakes for security

    Hook, line and sinker: how to detect and protect your business from phishing attacks

    Hackers are using fake Zoom or Microsoft Teams invites to spy on all your workplace activity

    Watch out AI fans – cybercriminals are using jailbroken Mistral and Grok tools to build powerful new malware

    SMBs are being hit by malicious productivity tools – Zoom and ChatGPT spoofed by hackers

    5 worrying ways AI is being used by cybercriminals to target millions of victims

    Latest in Security

    VPS servers hijacked into malware proxies – here’s how to stay safe

    Two teenagers charged over cyber hack on Transport for London

    WatchGuard warns users Firebox firewalls may have a critical issue – here’s what we know

    UK’s MI6 opens dark web portal Silent Courier to recruit Russian spies

    New Gold Salem ransomware could be the most worrying new strain we’ve seen for a while

    Most companies admit their current security can’t stop AI cybercrime

    Latest in News

    The latest DJI Osmo Nano leak gives us specs and images for the Insta360 GO 3S rival

    A major Samsung One 8.5 UI leak may have revealed the next big software update headed for your Galaxy phone

    How to share your Gemini Gems custom AI experts with all your friends

    Anthropic’s CEO gives ‘a 25% chance things go really, really badly’ with AI

    ICYMI: the week’s 7 biggest tech stories from new Meta smart glasses to stylish cheap earbuds

    This iOS 26 feature is causing drama at Apple Stores for iPhone 17 trade-ins – here’s how to avoid the same mistake

    LATEST ARTICLES

    Black Friday storage bloodbath incoming! Micron, Sandisk set to dramatically increase NAND and DRAM prices, with a direct impact expected on SSD and RAM prices within weeks

    I’ve tested a whole load of Shark vacuums, and these are the 3 I’d buy with my own money

    The funky JBL Go 4 is back to its lowest price this year

    Asus just launched another 162-inch 4K Micro LED monitor – yes, a monitor, not a TV, and it’s almost as big as a wall

    Laser Processing Units could give traditional CPUs, GPUs and quantum computers a run for their money – but don’t expect them to run Windows anytime soon

    TechRadar is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site.

    Contact Future’s experts

    Terms and conditions

    Privacy policy

    Cookies policy

    Advertise with us

    Web notifications

    Accessibility Statement

    Future US, Inc. Full 7th Floor, 130 West 42nd Street,

    Please login or signup to comment

    Please wait…

    You Might Also Like