Other-ai

Google Sues Chinese Cybercrime Group Using AI to Scam Millions

Google is suing a Chinese cybercrime network that used AI to scam hundreds of thousands of victims, with losses estimated in the millions.

Close-up of a man with binary code projected on his face, symbolizing cybersecurity.

Photo: cottonbro studio / Pexels

Google has filed a lawsuit to dismantle the infrastructure of an alleged AI-powered cybercrime operation linked to a Chinese group called Outsider Enterprise. The company claims the group used AI to send scam text messages impersonating Google and other brands, targeting Android users to steal passwords and credit card numbers. According to Google, the group deployed 9,000 fake websites, one million fraudulent domains, and sent 2.5 million texts in a two-week period. The company said that 55,000 spam texts were flagged by Android users in just two weeks this past May — that’s more than two text spam complaints a minute. Google said it uses AI-powered tools to detect scams and alert users of suspicious calls and texts, leading to the interception of more than 10 billion scam messages a month. The company is collaborating with AT&T, T-Mobile, and Verizon to block scam texts and is coordinating with the FBI. An FBI spokesperson told TechCrunch that the bureau, in coordination with Google and Lumen’s Black Lotus Labs, seized several domains used by the cybercriminals, as well as Shopify storefronts and accounts used to test the operation’s phishing service. The spokesperson said that since July 2023, Outsider Enterprise’s phishing platform enabled cybercriminals to steal at least an estimated 3,870,000 stolen credit cards and a corresponding estimated $1.9B in losses.

Google’s lawsuit includes detailed evidence against the foreign-based cybercriminals, whose real identities are unknown. The company said the group built and maintains a turn-key, online software suite that enables criminals, regardless of technical skill, to publish fraudulent websites designed to rob victims. This “phishing-for-dummies” software, called Outsider, costs $88 per week or $200 per month and allows operators to create fake websites with the help of AI platforms, including Google’s own Gemini. The fake sites impersonate several services and companies, such as telecom providers, financial institutions, government agencies, and retailers. Cybercriminals collaborate to send malicious text messages or purchase ads to lure victims to the fake websites. The common goal is to steal passwords and financial information, which the scammers can do by receiving the data that victims input into the fake websites, with the information being transmitted through Outsider’s platform in real time. Google wrote that part of the Outsider software’s appeal is the ease with which someone with limited technical expertise can purchase the software, execute various phishing attacks, and meet other members of the Enterprise who are proficient in other areas. The Enterprise brazenly coordinates its efforts in open and largely uncoded discussions on Telegram.

Google said the Outsider platform allegedly offers more than 290 pre-built templates that mimic legitimate websites, generating replicas of real websites in minutes. It also includes guides on how to weaponize AI-generated code and a dashboard to track phishing campaign progress. Cybercriminals have allegedly used Google Drive and Google Cloud infrastructure to host phishing websites. The company wrote that the Outsider software has been used to create over a million phishing websites to swindle innocent victims out of millions of dollars. To give an idea of the scale of the operation, Google said that over a five-month period, from November 14, 2025 to April 14, 2026, the company detected more than 1.59 million URLs connected to it. Google said the Outsider Enterprise operation is made up of several groups of cybercriminals, including those who develop and maintain phishing software and website templates, those who supply lists of targets, and a spammer group that provides tools and infrastructure to send scam texts in bulk. The cybercriminals have stolen at least 36,000 payment cards issued by financial institutions in 95 countries, according to Google. The company accused the people behind Outsider Enterprise of impersonating Google and its brands, infringing its copyright, engaging in racketeering activities, committing wire fraud, and false advertising. With the lawsuit, Google is seeking compensatory and punitive damages, and an order to stop the criminals from carrying out their activities.

Source: techcrunch

Key points

Google is suing a Chinese cybercrime network called Outsider Enterprise for using AI to scam hundreds of thousands of victims.
Outsider Enterprise sent 2.5 million texts to Android users in a two-week period.
55,000 spam texts were flagged by Android users in just two weeks this past May.
Google uses AI-powered tools to detect scams and intercept more than 10 billion scam messages a month.
Since July 2023, Outsider Enterprise’s phishing platform enabled cybercriminals to steal at least an estimated 3,870,000 stolen credit cards and a corresponding estimated $1.9B in losses.
The Outsider platform allegedly offers more than 290 pre-built templates that mimic legitimate websites.
The Outsider software has been used to create over a million phishing websites to swindle innocent victims out of millions of dollars.

Source: TechCrunch Read the original →

WRITTEN BY

Priya Anand

Emerging AI & Applications

Priya covers emerging AI applications and the wider impact of AI across industries.