Google has initiated legal action aimed at dismantling the infrastructure supporting a vast cybercrime operation, reportedly powered by artificial intelligence.
The tech giant formally announced on Friday its lawsuit against Outsider Enterprise, an alleged Chinese cybercrime network. Google asserts that this group employs AI in its campaigns to disseminate fraudulent text messages, impersonating Google and other prominent brands to illicitly obtain passwords and credit card details.
Outsider Enterprise is accused of financially defrauding "hundreds of thousands of victims," leading to losses "estimated in the millions." Google's findings indicate that the group established 9,000 deceptive websites, registered one million fraudulent web domains, and dispatched 2.5 million scam texts to Android users within a mere two-week timeframe.
The company highlighted the sheer volume of these attacks, stating, "55,000 spam texts were flagged by Android users in just two weeks this past May — that’s more than two text spam complaints a minute."
Countering these threats, Google stated it deploys "AI-powered tools to fight AI-powered scams." These sophisticated tools allow the company to identify fraudulent activities and notify users about suspicious calls and text messages, reportedly intercepting over 10 billion scam messages monthly.
Furthermore, Google confirmed its collaboration with major telecom providers AT&T, T-Mobile, and Verizon to block these fraudulent text messages, alongside active coordination with the FBI.
An FBI spokesperson informed TechCrunch that the bureau, working in concert with Google and Lumen’s Black Lotus Labs, successfully seized several domains exploited by the cybercriminals. This operation also included the confiscation of Shopify storefronts and accounts that were being utilized to test the phishing service.
The spokesperson further revealed that since July 2023, Outsider Enterprise’s advanced phishing platform has reportedly facilitated cybercriminals in stealing "at least an estimated 3,870,000 stolen credit cards and a corresponding estimated $1.9B in losses."
Within its formal complaint, Google presented the substantial evidence compiled against individuals implicated in Outsider Enterprise's operations. The company describes these perpetrators as foreign-based cybercriminals whose true identities remain undisclosed. The complaint alleges that this group "built, maintains, and uses a turn-key, online software suite that enables criminals, regardless of technical skill, to publish fraudulent websites designed to rob victims and enrich themselves."
Google detailed that this "phishing-for-dummies" software, dubbed "Outsider," is available for a subscription of $88 per week or $200 per month. It reportedly empowers operators to effortlessly construct deceptive websites, leveraging AI platforms, including Google's own Gemini. These fraudulent sites mimic a wide array of legitimate services and entities, encompassing telecom providers, financial institutions, government agencies, and retailers.
To entice individuals to these counterfeit websites, the cybercriminals engage in collaborative efforts to dispatch malicious text messages or procure advertising. Their overarching objective is to pilfer passwords, associated multi-factor authentication codes, and sensitive financial data. This is achieved by capturing information victims enter into the fraudulent sites, with the data then transmitted in real-time via Outsider’s platform.
Google further elaborated on the software's allure, stating, "Part of the Outsider software’s appeal is the ease with which someone with limited technical expertise — like many members of the Enterprise— can purchase the software, execute various phishing attacks, and, upon purchase, meet other members of the Enterprise who are proficient in other areas." This refers to Telegram channels where these cybercriminals openly collaborate, offer mutual training, strategize, and refine their phishing methodologies. Google added, "The Enterprise brazenly coordinates its efforts in open and largely uncoded discussions on Telegram."
According to Google, the Outsider platform purportedly furnishes cybercriminals with "more than 290 pre-built templates that mimic legitimate websites," enabling the creation of authentic-looking replicas "in minutes." It also provides guides on how to "weaponize AI-generated code" and a dashboard to monitor phishing campaign progress. Alarmingly, the cybercriminals are alleged to have leveraged Google Drive and Google Cloud infrastructure to host their phishing websites.
In the complaint, Google asserted, "The Outsider software has been used to create over a million phishing websites to swindle innocent victims out of millions of dollars."
Illustrating the vast scale of Outsider Enterprise’s activities, Google reported detecting over 1.59 million connected URLs during a five-month span, specifically from November 14, 2025, to April 14, 2026.
Google outlined the sophisticated structure of the Outsider Enterprise operation, identifying it as comprising several distinct groups of cybercriminals: those responsible for developing and maintaining the phishing software and website templates; those who furnish lists of potential targets, meticulously curated from public records, social media, and data breaches; a dedicated "spammer group" that supplies the necessary tools and infrastructure, including smartphone banks, SIM cards, and modems, for sending bulk scam texts; and finally, those who monetize the stolen credentials and launder the illicitly obtained funds.
According to Google, these cybercriminals have managed to steal "at least 36,000 payment cards issued by financial institutions in 95 countries."
The company has formally accused the individuals behind Outsider Enterprise of impersonating Google and its associated brands, infringing on its copyrights, engaging in racketeering activities, committing wire fraud, and false advertising. Through this lawsuit, Google is pursuing both compensatory and punitive damages, alongside a court order to permanently halt the criminals' illicit operations.
The Editorial Staff at AIChief is a team of professional content writers with extensive experience in AI and marketing. Founded in 2025, AIChief has quickly grown into the largest free AI resource hub in the industry.