Why spam is back in 2026 (and why your Gmail filter no longer keeps up)
Spam volumes have jumped 40% since 2024, and traditional filters are cracking. A breakdown of the three forces that changed the game, and what they mean for your professional mailbox.
Published May 24, 2026 by Emmanuel Daunizeau · 8 min read
1. LLMs made spam economically viable again
Between 2010 and 2022, spam declined globally as a share of worldwide mail volume. Bayesian filters, DNSBLs and SPF/DMARC made mass spam unprofitable: the cost of sending exceeded the gain per delivered mail.
Since 2024, that calculation has flipped. Why? Because LLMs, accessible at €1 per 1,000 mails, allow industrial production of varied, contextualized content in proper English or French. In 2026, spam is no longer chain-translated text: it is content written by GPT-4 or Claude, which naturally bypasses lexical filters.
Concretely: a spammer in Southeast Asia or Eastern Europe can produce 10,000 unique variations of a misleading commercial mail in hours for a few dollars. No classic Bayesian filter holds up.
2. DMARC is misconfigured on 70% of French pro domains
According to the DMARC.org 2026 study (published March 2026), only 30% of .fr domains publish a strict DMARC policy (`p=reject` or `p=quarantine`). The remaining 70% either don't have DMARC at all, or are at `p=none`.
Result: when a spammer impersonates contact@yourcompany.fr, there is a 70% chance that the recipient has no mechanism to reject the mail. It passes.
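The split described above (strict `p=reject`/`p=quarantine` versus `p=none` or no record at all) can be checked from the TXT records published at `_dmarc.<domain>`. The Python below is an added example, not part of the original article or of FrozenSpam; the domains and records are constructed samples and the function names are illustrative.

```python
STRICT = {"quarantine", "reject"}  # the policies the article counts as strict

def parse_dmarc(txt):
    """Return the tag dict of a DMARC TXT record, or None if it is not one."""
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    # RFC 7489: v=DMARC1 must be the first tag, otherwise the record is ignored.
    if not parts or "".join(parts[0].split()) != "v=DMARC1":
        return None
    tags = {}
    for part in parts[1:]:
        name, sep, value = part.partition("=")
        if sep:
            tags[name.strip().lower()] = value.strip()
    return tags

def classify(txt_records):
    """Classify the TXT strings found at _dmarc.<domain>."""
    records = [t for t in map(parse_dmarc, txt_records) if t is not None]
    if not records:
        return "no DMARC"
    if len(records) > 1:
        # RFC 7489: with several DMARC records, receivers apply none of them.
        return "invalid (multiple records)"
    tags = records[0]
    policy = tags.get("p", "").lower()
    if policy == "none":
        return "monitoring only (p=none)"
    if policy not in STRICT:
        return "invalid (missing or unknown p=)"
    pct = tags.get("pct", "100")
    if pct.isdigit() and int(pct) < 100:
        return f"partial ({policy}, pct={pct})"
    return f"strict ({policy})"

# Constructed sample data: TXT answers as a resolver would return them.
SAMPLES = {
    "strict.example": ["v=DMARC1; p=reject; rua=mailto:dmarc@strict.example"],
    "monitor.example": ["v=DMARC1; p=none; rua=mailto:dmarc@monitor.example"],
    "rollout.example": ["v=DMARC1; p=quarantine; pct=25"],
    "spf-only.example": ["v=spf1 -all"],
    "duplicate.example": ["v=DMARC1; p=reject", "v=DMARC1; p=none"],
    "absent.example": [],
}

def audit(samples=SAMPLES):
    return {domain: classify(txts) for domain, txts in samples.items()}

if __name__ == "__main__":
    for domain, verdict in audit().items():
        print(f"{domain:20} {verdict}")
```

To audit a real domain, pass `classify` the TXT strings returned for `_dmarc.<domain>` (for example from `dig +short TXT _dmarc.yourcompany.fr`), with the surrounding quotes removed.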
3. Social engineering has been industrialized
2026 spam isn't the Nigerian mail anymore. It's:
- Invoice fraud: a mail apparently from a known supplier changing their bank details
- Personalized CEO fraud: a mail imitating your director with correct tone and signature, requesting an urgent wire
- Fake HR mail: "Your payslip is available" with a link to a page resembling your real HRIS
- Forced subscriptions: 200 newsletters you never subscribed to appearing in 24 hours, following a leak or competitor test
These attacks are designed to pass filters: no suspicious URL, no obvious keyword, plausible signature. Statistical Bayesian filters are powerless.
Why Gmail Workspace no longer keeps up as well
Gmail remains excellent on recognizable mass spam. But its precision on targeted spear-phishing (the attacks above) is measured by the Barracuda 2026 study at only ~80%. That's 1 attack in 5 getting through.
For an SMB receiving 30 attempts per month, that's 6 attacks landing in the inbox of your CEO or accountant. A single one can cost tens of thousands of euros (documented AFNIC and ANSSI cases).
What to do in 2026
Three actions:
- Configure strict DMARC on your domain (`p=reject` minimum, after a month of monitoring at `p=none`).
- Add a challenge-response (CR) layer upstream of your current filter, not to replace Gmail/M365 but to complement them. CR requires a human reply, which stops automated spear-phishing dead.
- Train your teams on the new patterns (CEO fraud, invoice fraud, fake HR). These are social engineering attacks, not technical ones.
How FrozenSpam fits this strategy
FrozenSpam is an MX gateway that sits in front of your existing mail server (Gmail Workspace, M365, Exchange, SmarterMail, OVH Mail Pro). Without changing anything user-side, FrozenSpam:
- Rejects SMTP zombies via Spamhaus DNSBL (layer 1)
- Verifies strict SPF/DKIM/DMARC and silently drops spoofing (layers 2 + 4)
- Requires human challenge to unknowns before forwarding (layer 5)
- Instantly passes contacts you've written to (outbound auto-whitelist — the zero false-positive guarantee)
Our result over 12 years in production: close to a million spams blocked, zero documented false positives. Not by chance. By logical construction.
You're reading this because your inbox is unlivable. FrozenSpam makes it livable in five minutes. Start for €1, refundable 15 days.