Google sues Chinese cybercrime ring for weaponizing Gemini AI in phishing scams
The lawsuit marks Google's first coordinated legal action against threat actors who used its own AI tools to build thousands of fake websites and steal millions from victims.
What matters
- Google sued China-based Outsider Enterprise for abusing Gemini AI to build phishing infrastructure and requested a restraining order
- The operation generated 9,000 fake websites, 1 million fraudulent URLs, and sent 2.5 million spam texts in a two-week period in May
- This is Google's first lawsuit over coordinated abuse of its own generative AI platform
- The FBI and major U.S. carriers collaborated with Google on the takedown effort
- Google is lobbying for updated laws to address AI-driven fraud and 'supercharged' digital threats
Google on Friday filed a lawsuit against a China-based cybercrime network it calls Outsider Enterprise, accusing the group of weaponizing Google's own Gemini AI to power a sprawling phishing operation. The case, filed in the U.S. District Court for the Southern District of New York, marks the first time the company has sued threat actors for abusing its generative AI platform to target U.S. consumers.
According to the complaint and company statements, Outsider Enterprise operated a sophisticated phishing-as-a-service platform through Telegram, distributing ready-made phishing kits to criminal affiliates. The network allegedly used Gemini to generate custom code for scam websites, which was then imported into the group's software suite and deployed as live pages. Over a two-week period in May, the operation sent more than 2.5 million fraudulent text messages to Android users and generated 9,000 fake websites linked to more than one million fraudulent URLs. Android users flagged 55,000 spam texts tied to the group during the same window.
The fake sites impersonated trusted brands and government agencies, including Google, YouTube, the U.S. Postal Service, New York's E-ZPass toll service, financial institutions, and state DMVs. The group used a library of over 290 prebuilt templates to create urgent lures—fake package alerts, banking warnings, and account security notices—designed to harvest credentials and payment information. Google said the campaign impacted hundreds of thousands of victims and caused losses estimated in the millions of dollars.
What happened
The lawsuit represents a rare public offensive by a tech giant against scammers who turned its own tools against it. Google accused Outsider Enterprise of employing its technology and brand to commit fraud and requested a restraining order to shut the network down. The company coordinated with the FBI and major U.S. carriers—AT&T, T-Mobile, and Verizon—to dismantle the operation.
In a statement to The New York Times, Google's general counsel Halimah DeLaine Prado called the effort "our first coordinated effort and lawsuit," adding that the move "speaks to the breadth of impact that this particular scam has." The FBI's Cyber Division also weighed in. "Criminals increasingly use AI to make fraud like this more convincing and harder to detect," said Brett Leatherman, the division's assistant director.
Google did not detail what internal measures it took to address the abuse, noting only that it controls Gemini. Alongside the legal action, the company said it is advocating for updated laws to deal with AI-driven attacks, arguing that the technology has the potential to "supercharge" threats.
Why it matters
The case highlights a growing inversion in cybersecurity: generative AI, built to assist legitimate users, is becoming a force multiplier for criminals. By offering phishing-as-a-service, Outsider Enterprise lowered the technical barrier for fraud, allowing affiliates with minimal expertise to launch convincing campaigns. The scale of the operation—thousands of sites and millions of URLs in weeks—illustrates how AI can accelerate scam infrastructure creation far faster than traditional manual methods.
For Google, the lawsuit is as much about deterrence as restitution. Suing abusers of its own AI platform sends a signal that the company will pursue legal remedies, not just technical patches, when its systems are exploited. Yet the China-based location of the defendants raises practical questions about enforcement, since U.S. court orders do not easily reach foreign cybercriminal networks.
Public reaction
No Reddit or public discussion inputs were available for this story. Consequently, there is no strong public signal regarding sentiment or community reaction to the lawsuit.
What to watch
Observers should monitor whether the requested restraining order has any practical effect on a China-based operation, and whether Google will disclose specific changes to Gemini's safeguards. The company's push for new legislation also invites scrutiny: the exact provisions it wants remain unclear, and any proposed rules could shape how AI platforms police user behavior. Finally, the case may set a precedent for whether other AI providers follow with their own lawsuits against fraud rings abusing generative tools.
Open questions
- Will Google disclose what internal Gemini safeguards it is changing to prevent similar abuse?
- Can a U.S. court effectively shut down a China-based cybercrime network with a restraining order?
- What specific legislation is Google proposing to address AI-driven fraud?
What to do next
Developers
Audit AI-generated code outputs in your applications for potential abuse vectors, and implement logging for suspicious prompt patterns that could indicate phishing-kit generation.
As generative AI becomes a tool for building scam infrastructure, developers building with AI need to anticipate misuse and add detection layers.
Founders
Evaluate your vendors' AI safety and abuse-prevention policies before integrating generative tools, and assume AI-powered social engineering will target your customers.
Third-party AI platforms can be weaponized against your brand; vendor diligence and customer-security planning are now core risk-management tasks.
PMs
Add friction and review steps for high-risk AI outputs such as code generation for authentication flows, and monitor for brand impersonation targeting your users.
Product teams must balance AI utility with safety by designing controls that make high-volume abuse harder without ruining the user experience.
Investors
Treat AI misuse and platform safety as material risk factors when assessing cybersecurity and consumer-tech portfolios.
Lawsuits and regulatory responses to AI-driven fraud could impact valuations, liability exposure, and the competitive positioning of AI platforms.
Operators
Update security training to cover AI-enhanced phishing tactics, and mandate verification of URLs and sender identities even when messages appear to come from trusted brands.
Frontline teams and end users remain the last line of defense; AI-generated scams are more convincing and require updated verification habits.
Testing notes
Caveats
- This story concerns a legal action and an active cybercrime operation. There is no product, API, or feature available for readers to test.