
Google sues Chinese cybercrime ring that weaponized Gemini AI to phish millions

The operation sent 2.5 million scam texts and built 9,000 fake websites using Google's own AI tools to steal passwords and credit card numbers.

Published | 6 sources | 1 Reddit | 4 web | 85% confidence

What matters

  • Google sued Chinese cybercrime group Outsider Enterprise for an AI-powered phishing and smishing operation
  • The group allegedly used Google's Gemini AI to generate code for 9,000 fake websites and 1 million fraudulent domains
  • 2.5 million scam texts were sent to Android users in two weeks, with 55,000 flagged by users in May alone
  • Hundreds of thousands of victims lost an estimated total in the millions of dollars to credential and payment theft
  • Google is coordinating with the FBI and U.S. carriers, and using the case to advocate for stricter AI-era cybercrime laws

Google has filed a lawsuit against Outsider Enterprise, a China-based cybercrime network that allegedly used Google's own Gemini AI to build phishing websites and send millions of scam text messages. According to the company, the operation impersonated trusted brands including YouTube, the U.S. Postal Service, and New York's E-ZPass toll service to harvest passwords and credit card numbers from hundreds of thousands of victims.

The scale of the campaign is stark. In just two weeks in May, Outsider Enterprise sent 2.5 million fraudulent texts to Android users and deployed 9,000 fake websites connected to more than one million fraudulent domains. Android users flagged 55,000 of those spam texts during the same window—more than two complaints per minute. Google estimates total losses in the millions.

What happened

In a lawsuit filed Friday, Google asked a court to dismantle the infrastructure behind Outsider Enterprise. The group is accused of using AI—including Gemini—to generate custom code for phishing pages, which was then imported into a software suite and converted into live scam sites. According to court filings cited by The Next Web, members actively encouraged each other to use Gemini for this purpose, effectively turning Google's own tool against its user base.

The operation did not rely solely on a single team. Through Telegram, the group distributed "phishing kits" that allowed lower-level criminals to launch fake text campaigns mimicking major brands. Yahoo Tech notes that if you received a spam text demanding unpaid E-ZPass tolls recently, you were likely looking at Outsider Enterprise's work.

Beyond the lawsuit, Google said it is collaborating with AT&T, T-Mobile, and Verizon to block the scam messages. The company also confirmed it is coordinating with the FBI, and told TechCrunch it uses "AI-powered tools to fight AI-powered scams" to intercept more than 10 billion scam messages a month. In parallel, 9to5Google reports that Google is pushing for stricter laws that are more relevant to an AI-era threat landscape.

Why it matters

This case is a concrete example of the dual-use problem facing consumer AI. Gemini's ability to generate functional code on demand also makes it a scalable engine for fraud when guardrails fail. The fact that the scammers built kits for others means the attack surface is not limited to one group—it is franchised.

The financial toll is already significant, but the incident also tests the limits of cross-border enforcement. A civil suit filed in the United States may seize domains and disrupt infrastructure, yet the alleged operators are based in China, raising questions about whether arrests or criminal indictments will follow.

Google's concurrent call for updated cybercrime laws suggests the company sees this as a structural gap, not a one-off incident. If AI allows criminal operations to spin up thousands of convincing fake sites in days, existing legal frameworks designed for slower, manual fraud may be inadequate.

Public reaction

Discussion on Reddit's r/technology thread drew modest engagement—20 upvotes and an 81 percent upvote ratio across three comments—but surfaced key tensions. One commenter argued that AI safety guardrails "don't exist in any meaningful way" for stochastic models, while another noted that AI simply makes scams cheaper and faster to produce. A third raised the practical concern now reflected in broader discourse: how much impact can a civil suit really have on a foreign criminal enterprise?

What to watch

Observers should monitor whether the FBI announces indictments or arrests beyond the civil action, and how quickly Outsider Enterprise can rebuild if its domains are seized. Google's legislative push is also worth tracking, as it could shape how lawmakers define liability and responsibility for AI-generated cybercrime. Finally, the incident will likely intensify scrutiny of whether major AI providers can tighten guardrails without degrading legitimate utility.

Public reaction

Discussion on r/technology drew modest engagement with 20 upvotes and an 81 percent upvote ratio across three comments. Commenters focused on the inherent tension between AI guardrails and user instruction-following, the lowered cost of launching scams with AI, and skepticism about whether a U.S. civil suit can meaningfully restrain a foreign criminal operation.

Signals

  • AI safety trade-offs between guardrails and instruction-following
  • Concern that AI dramatically lowers barriers for scammers
  • Skepticism about cross-border enforcement via civil litigation

Open questions

  • Whether the FBI will announce indictments or arrests beyond the civil lawsuit
  • How quickly Outsider Enterprise can rebuild infrastructure if domains are seized
  • How a civil suit applies to a foreign criminal enterprise operating outside U.S. jurisdiction

What to do next

Developers

Audit your applications for AI-generated phishing payloads and enforce MFA to mitigate credential theft from increasingly convincing fake sites.

AI-generated scams lower the barrier to creating realistic phishing pages that bypass traditional detection.

Founders

Treat AI-generated social engineering as a core business risk; invest in user education and anomaly detection for account takeover attempts.

Franchised phishing kits mean your brand could be impersonated at scale even if you are not directly targeted.

PMs

Evaluate whether your product's trust signals—URLs, verification badges, and in-app warnings—are robust enough to withstand AI-generated impersonation at scale.

Users are increasingly unable to distinguish AI-generated fake interfaces from legitimate ones.

Investors

Factor AI-powered fraud infrastructure into cybersecurity portfolio assessments; the attack surface is expanding faster than traditional defenses.

The democratization of AI-driven scams signals a structural shift in the threat landscape.

Operators

Review vendor access logs and refresh employee phishing training, as AI-generated scams now bypass traditional language and design tells.

Operations teams are prime targets for credential-harvesting campaigns that use polished, AI-generated lures.
