Google sues Outsider Enterprise behind AI scam texts

Google sues – Google has filed a lawsuit aimed at dismantling an alleged Chinese cybercrime operation called Outsider Enterprise, accusing it of using AI to scale phishing and scam text campaigns. The company says the operation deployed thousands of fake sites, sent million

On a busy May stretch, Android users flagged 55,000 spam texts in just two weeks—more than two complaints a minute. Google says those messages are part of an operation called Outsider Enterprise. a China-linked cybercrime network that it claims used AI to launch mass scams by impersonating Google and other major brands.

Google announced a lawsuit on Friday to dismantle the infrastructure behind what it describes as an AI-powered phishing scheme. In its filing. the company alleges that Outsider Enterprise ran campaigns designed to steal passwords and credit card numbers through scam text messages and fraudulent websites.

The scale, as Google frames it, is staggering. Over a two-week period, Google says the group deployed 9,000 fake websites, one million fraudulent web domains, and sent 2.5 million texts to Android users.

Google also points to the speed at which the operation could be executed. It says the scammers used “AI-powered tools to fight AI-powered scams. ” a phrase Google uses to describe its own defenses—tools it claims can detect and alert users to suspicious calls and text messages. Google says that approach has helped it intercept more than 10 billion scam messages a month.

The company is not acting alone. Google says it has been collaborating with AT&T, T-Mobile, and Verizon to block the scam text messages, and it is coordinating with the FBI.

An FBI spokesperson told this newsroom that, in coordination with Google and Lumen’s Black Lotus Labs, the bureau seized several domains used by the cybercriminals, along with Shopify storefronts and accounts used to test the operation’s phishing service.

The FBI spokesperson also said that since July 2023, Outsider Enterprise’s phishing platform enabled cybercriminals to steal at least an estimated 3,870,000 stolen credit cards and an estimated $1.9B in losses.

The court filing lays out how Google says Outsider Enterprise operates as a packaged system for criminals, including people with limited technical skills. Google describes Outsider as “phishing-for-dummies” software that costs $88 per week or $200 per month.

The complaint alleges that Outsider is a turn-key online suite that “built, maintains, and uses a turn-key, online software suite that enables criminals, regardless of technical skill,” to publish fraudulent websites aimed at robbing victims and enriching themselves.

Google says the software uses AI platforms—including Google’s own Gemini—to create fake websites that impersonate a range of services. In the complaint, Google lists telecom providers, financial institutions, government agencies, and retailers among the brands the fake sites resemble.

To get victims to those sites, Google says Outsider operators collaborate to send malicious texts or purchase ads. The goal is consistent: steal passwords and the corresponding multi-factor codes, as well as financial information. Google says the stolen data is transmitted in real time through Outsider’s platform after victims enter it into the fake websites.

What makes Outsider especially dangerous, in Google’s telling, is how it lowers the barrier to entry. The complaint says Outsider’s appeal includes the ease with which someone with limited technical expertise—like many members of the Enterprise— can buy the software. execute phishing attacks. and then connect with other members who specialize in different parts of the scheme.

Google points to Telegram as that meeting ground. It says the Enterprise coordinates its efforts in open and largely uncoded discussions on Telegram.

Google also alleges the platform offers operators “more than 290 pre-built templates” that mimic legitimate websites and can generate replicas “in minutes.” The complaint says it also includes guides on how to “weaponize AI-generated code,” plus a dashboard to track phishing campaign progress.

In another detail Google includes, it says the cybercriminals used Google Drive and Google Cloud infrastructure to host the phishing websites.

Google estimates that the Outsider software has been used to create over a million phishing websites to swindle “innocent victims out of millions of dollars.” To illustrate continued exposure. Google adds that over a five-month period—from November 14. 2025 to April 14. 2026—it detected more than 1.59 million URLs connected to the operation.

Within the group, Google says several types of criminal teams work together. There are those who develop and maintain phishing software and website templates. There are those who supply target lists curated from public records, social media, and data breaches. There is a “spammer group” that provides tools and infrastructure for bulk scam text sending. including smartphone banks. SIM cards. and modems. And there are those who monetize the stolen credentials and launder the money.

Google also alleges the operation stole at least 36,000 payment cards issued by financial institutions in 95 countries.

The lawsuit accuses people behind Outsider Enterprise of impersonating Google and its brands. infringing its copyright. engaging in racketeering activities. committing wire fraud. and false advertising. Google says it is seeking compensatory and punitive damages and an order requiring the criminals to stop their activities.

The sequence—AI-assisted template creation. mass text delivery. and real-time credential capture—shows how the system is designed to scale quickly. Google’s filing ties the technical mechanics directly to the human cost it is trying to stop: victims losing passwords and payment card data. then watching those losses grow into numbers the company says can reach into billions.

Google says the lawsuit was announced with updated information from Google’s complaint and the FBI’s comment. The story was originally published at 10:26 a.m. PDT and has since been updated.

Google lawsuit Outsider Enterprise AI-powered phishing scam text messages Android spam Gemini Gemini AI scams FBI seizure AT&T T-Mobile Verizon credit card theft Telegram phishing