Google has initiated a lawsuit against a Chinese cybercrime network, accusing it of employing artificial intelligence (AI) to facilitate phishing attacks targeting U.S. users. The tech giant alleges that the network used its AI agent, Gemini, to craft fraudulent text messages in a method known as ‘smishing’. These messages impersonate legitimate companies, falsely alerting recipients about issues with brokerage accounts or promising rewards from their mobile carriers.
Phishing-as-a-Service Model
The cybercrime operation is reportedly linked to a phishing-as-a-service (PhaaS) software called Outsider. This tool, according to Google, assists in creating deceptive phishing sites and sending out vast numbers of fake SMS messages. The emails direct users to sham websites that mimic those of trusted financial institutions, aiming to steal sensitive personal and financial data.
Google’s legal action aims to dismantle the network’s infrastructure. The company is also collaborating with major U.S. telecom providers, including AT&T, T-Mobile, and Verizon, to block such messages from reaching their customers. These efforts underscore the scale of the problem, as the Outsider network has allegedly victimized over 100,000 individuals, resulting in financial losses amounting to millions of dollars.
Massive Scale of Fraudulent Activities
From November 2025 to April 2026, over 9,000 fake websites and 1.59 million fraudulent URLs linked to Outsider were identified. Within a two-week period from mid-May to early June 2026, Android users flagged 55,000 spam texts tied to this operation. The network sent 2.5 million messages, redirecting users to Outsider-generated sites. The PhaaS tool costs as little as $88 per week, enabling criminals to easily create fake sites, execute phishing campaigns, and steal financial information.
Outsider provides more than 290 templates imitating legitimate websites and features such as real-time keystroke logging and campaign performance tracking. The service’s ‘plug-and-play’ nature simplifies the process for even novice fraudsters, offering them step-by-step guidance on using AI to generate and deploy malicious code.
Organizational Structure of the Cybercrime Network
The Outsider Enterprise comprises several coordinated groups, each fulfilling distinct roles in the phishing scheme. These include the Developer Group, responsible for creating phishing software; the Data Broker Group, offering targeted lists; the Spammer Group, handling bulk message distribution; and the Theft Group, which monetizes stolen information and processes illicit funds.
Google’s complaint highlights the growing challenge of AI-enhanced cybercrime, which lowers entry barriers for aspiring fraudsters lacking technical expertise. The FBI’s Cyber Division has acknowledged the increasing sophistication of such operations, emphasizing the need for vigilant defenses against these evolving threats. This lawsuit comes seven months after a similar legal battle against another China-based phishing platform, Lighthouse, which affected over a million users globally.
As digital threats continue to evolve, Google’s proactive measures and partnerships with telecommunications companies signal a concerted effort to curb the proliferation of AI-driven phishing attacks. The outcome of this legal battle could set a precedent for combating sophisticated cybercrime networks worldwide.
