Google has filed a lawsuit seeking to dismantle the infrastructure behind an alleged large-scale AI-powered cybercrime operation that used fake websites, scam text messages, and phishing tools to steal passwords, credit card details, and other sensitive information from victims.
The company identified the group as Outsider Enterprise, an alleged China-linked cybercrime network that Google says impersonated major brands, including Google itself, to trick users into handing over personal and financial data.
According to Google, the group’s operation affected hundreds of thousands of victims, with losses estimated in the millions. The company said the network deployed around 9,000 fake websites, used more than one million fraudulent domains, and sent 2.5 million scam text messages to Android users in just two weeks.
Google said Android users flagged around 55,000 spam texts during two weeks in May, equal to more than two spam complaints every minute.
The company said it has been using AI-powered security tools to detect suspicious calls and text messages, warning users before they fall victim to scams. Google claims its systems help intercept more than 10 billion scam messages every month.
Google also said it has worked with major U.S. telecom providers, including AT&T, T-Mobile, and Verizon, to block scam text messages. The company is also coordinating with the FBI.
According to the FBI, several domains connected to the cybercriminal operation were seized with support from Google and Lumen’s Black Lotus Labs. The FBI also said Shopify storefronts and accounts used to test the phishing service were disrupted.
Investigators said Outsider Enterprise’s phishing platform has helped criminals steal millions of credit card details since July 2023. The FBI estimated that the platform was linked to at least 3.87 million stolen credit cards and around $1.9 billion in losses.
In its complaint, Google said the people behind Outsider Enterprise remain unidentified and are believed to be foreign-based cybercriminals. The company accused them of building and maintaining a ready-made phishing platform that allows criminals with little technical skill to create fake websites and launch scams.
Google described the software as a “phishing-for-dummies” tool. The platform allegedly costs $88 per week or $200 per month and allows users to create convincing fake websites using AI tools, including Google’s own Gemini.
The phishing kit reportedly includes more than 290 pre-built templates designed to imitate websites belonging to telecom companies, banks, retailers, government agencies, and other organizations. These templates allow cybercriminals to create fake websites within minutes.
Victims are usually lured to these fake websites through scam text messages or online ads. Once a victim enters their login credentials, multi-factor authentication codes, or payment information, the data is sent to the criminals in real time through the Outsider platform.
Google said the cybercriminals openly coordinated through Telegram channels, where members shared tips, tools, stolen data, and instructions on how to use AI-generated code for phishing attacks.
The company also alleged that the operation used Google Drive and Google Cloud infrastructure to host some of the phishing websites, abusing legitimate services to make the scams look more trustworthy.
Between November 2025 and April 2026, Google detected more than 1.59 million URLs connected to Outsider Enterprise, showing the massive scale of the operation.
Google said the network included several groups working together. Some developed and maintained the phishing software, others supplied lists of potential victims from public records, social media, and data breaches. Another group handled bulk scam text messaging using smartphone banks, SIM cards, and modems, while others focused on selling stolen data and laundering money.
According to Google, the group stole at least 36,000 payment cards issued by financial institutions in 95 countries.
Google has accused Outsider Enterprise of impersonating its brands, copyright infringement, racketeering, wire fraud, and false advertising. Through the lawsuit, the company is seeking damages and a court order to stop the group from continuing its alleged cybercrime activities.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
The case highlights how cybercriminals are increasingly using AI to scale phishing campaigns and create more convincing scams. It also shows how major technology companies are now using AI-driven defenses to fight back against AI-powered fraud.
Google Sues Alleged AI-Powered Cybercrime Network Behind Massive Phishing Operation
