Recommended reading

Major spam email warning - AI now generates almost all of your junk mail

News
By published

Spam is getting more sophisticated by the day, report warns

email
(Image credit: Image by Muhammad Ribkhan from Pixabay)
  • Researchers compared pre-GPT era spam, with the ones that came after
  • Most spam messages today are AI-generated
  • BEC emails require more precision

The majority of spam emails being sent out today are being written by Generative Artificial Intelligence (GenAI), new research has claimed.

A report from Barracuda has argued cybercriminals are not using AI to change their attack tactics, but rather to refine them and make them more difficult to spot.

The study compared emails sent before the emergence of ChatGPT (pre-November 2022), to the ones sent after, and noticed a significant change - namely criminals are mostly using GenAI in spam.

Increasing credibility

By April 2025, 51% of spam emails were generated by an AI, rather than a human, they determined.

“The majority of the emails currently sitting in the average junk/spam folder are likely to have been written by a large language model (LLM),” they explained

On the other hand, criminals don't seem to be that eager to use AI in Business Email Compromise (BEC) attacks. As per the researchers, these types of attack involve precision and typically target a senior person in an organization. As a result, by April 2025, just 14% of BEC attacks were generated by an AI.

As one might expect, AI-generated messages are better written. They have a higher level of formality, fewer grammar errors, and greater linguistic sophistication. Therefore, they appear more credible and professional to the victims, increasing the likelihood of them falling prey.

It also means that cyberattackers whose native language is not English will have an easier time targeting businesses in English-speaking countries. Finally, crooks seem to be using AI to A/B test different spam variants, trying to determine which wording variations perform better in real-life environments.

The best way to defend against AI-generated spam messages is with AI-powered email security solutions. In the pre-GPT era, one could spot phishing and spam by simply proofreading the email - these messages were usually filled with spelling and grammar errors, while the language was crude and out-of-character most of the time.

Since AI eliminated these red flags, an advanced email security solution, equipped with multilayered, AI/ML-enabled detection, is “crucial”, the researchers concluded.

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.