Google sues Outsider Enterprise over AI-enabled phishing
According to The Next Web, Google filed a civil lawsuit aimed at dismantling infrastructure used by a Chinese cybercrime ring called Outsider Enterprise. The Next Web reports the group used Gemini and other AI tools to generate phishing site code and to deploy scam text messages, sending 2.5 million fraudulent SMS messages to Android users over a two-week period. The Next Web says the operation created 9,000 fake websites and roughly 1 million fraudulent web domains, and that Google alleges "hundreds of thousands of victims" with losses "estimated in the millions." The Next Web reports Google is coordinating with the FBI and with carriers AT&T, T-Mobile, and Verizon to block the messages.
What happened
According to The Next Web, Google filed a civil lawsuit seeking to dismantle the infrastructure behind a Chinese cybercrime operation identified as Outsider Enterprise. The Next Web reports the group used AI, including Gemini, to generate phishing website code and to power mass SMS campaigns that delivered 2.5 million scam texts to Android users in a two-week period. The Next Web reports the operation deployed 9,000 fake websites and about 1 million fraudulent web domains. The Next Web quotes Google saying the group financially scammed "hundreds of thousands of victims," with losses "estimated in the millions."
Technical details
Per the court filing reported by The Next Web, members of Outsider Enterprise encouraged each other to use Gemini to generate custom phishing code, which was then imported into the group's software and converted into live scam pages. The Next Web reports the group distributed "phishing kits" via Telegram to enable lower-level operators to run fake-text campaigns impersonating trusted brands. The Next Web also reports Google saying its detection systems intercept more than 10 billion scam messages per month. The Next Web says Google is coordinating with the FBI and with carriers AT&T, T-Mobile, and Verizon to block the messages before delivery.
Industry context
Editorial analysis: This case illustrates a pattern commentators have observed where accessible, capable code-generation models lower the technical barrier for large-scale social engineering. Companies and defenders have increasingly seen commoditized tooling, distribution channels like Telegram, and bulk domain registration combine to scale traditional scams. For practitioners, the combination of AI-assisted code generation and ready-made "phishing kits" increases the volume and variety of attack surfaces security teams must detect and block.
What to watch
Editorial analysis: Observers should track the court outcome and any injunctive remedies, whether carriers report measurable reductions after coordinated blocking, and whether model providers update policies or enforcement related to code-generation abuse. Also monitor reporting on law enforcement actions the FBI may take and on any public disclosures tying specific toolchains to observed campaigns.
Scoring Rationale
This is a notable incident for security and model-abuse monitoring because it links a widely discussed frontier model to large-scale, automated phishing infrastructure. It matters to defenders, model providers, and platform teams wrestling with abuse at scale.
Practice with real Ad Tech data
90 SQL & Python problems · 15 industry datasets
250 free problems · No credit card
See all Ad Tech problems
