Google has filed a lawsuit against Outsider Enterprise, a China-based cybercrime network for using AI tools, including Gemini, to build phishing websites and scam infrastructure.
The company said the operation has affected “hundreds of thousands of victims,” with losses estimated in the millions of dollars. It also links the group to more than 9,000 fake websites and 1 million fraudulent URLs.
“Criminals increasingly use AI to make fraud like this more convincing and harder to detect,” noted Brett Leatherman, assistant director of the FBI’s Cyber Division.
During a two-week period in May, Android users flagged 55,000 spam text messages tied to the operation. Google also connected 2.5 million messages sent during the same period to websites generated through Outsider Enterprise infrastructure.
Outsider Enterprise operated through Telegram and distributed phishing kits used in fake package delivery alerts, banking notifications, and account security warnings. The messages directed victims to websites designed to collect credentials and payment information.
The group supplied phishing infrastructure to other criminals, supporting campaigns that impersonated technology companies, mobile carriers, financial institutions, and package delivery services.
Members of the network also used Gemini to help generate code for phishing websites and related scam infrastructure, according to the lawsuit. Google described the case as its first lawsuit involving abuse of its Gemini AI tools.
“We’re filing a lawsuit to dismantle their infrastructure, coordinating with the FBI who will be taking law enforcement actions, and will continue to work with AT&T, T-Mobile and Verizon to block these texts before they reach you,” Google wrote.
“Litigation alone won’t end this. So Google is also advocating for federal legislation to make these protections permanent.”
Earlier this month, Google introduced new AI-powered scam detection features for Android designed to identify suspicious calls and text conversations. The company also said its messaging protections intercept more than 10 billion malicious messages each month.
