Google has filed a lawsuit against an alleged China-linked cybercrime group “Outsider Enterprise,” accusing it of using AI-driven phishing tools, fake websites, and scam texts to steal financial data, targeting hundreds of thousands of users globally.
Google has launched legal action aimed at disrupting what it describes as a large-scale, AI-enabled cybercrime network responsible for extensive global phishing and financial fraud operations. The lawsuit targets a group identified as “Outsider Enterprise,” which the company alleges has been using artificial intelligence tools to impersonate major brands, including Google, in coordinated scam campaigns.
According to the tech giant, the cybercriminal network has been responsible for deceiving hundreds of thousands of victims worldwide, resulting in financial losses estimated to run into millions of dollars. The operation reportedly relies on a vast digital infrastructure, including thousands of fake websites and millions of fraudulent domains designed to trick users into revealing sensitive information such as passwords and credit card details.
Massive scale of AI-driven scam infrastructure
Google stated that the group deployed approximately 9,000 counterfeit websites and more than one million deceptive web domains as part of its phishing ecosystem. In a particularly aggressive campaign, around 2.5 million scam text messages were reportedly sent to Android users within a two-week period.
The company also noted a sharp rise in user-reported spam activity, revealing that around 55,000 suspicious messages were flagged within a short span of two weeks earlier this year. This translates to more than two spam complaints every minute, underscoring the scale of the operation.
In response, Google has strengthened its own security systems, deploying AI-based detection mechanisms designed to identify and block fraudulent communications. The company claims these systems help intercept more than 10 billion suspicious messages every month, significantly reducing user exposure to scams.
Google has also partnered with major U.S. telecom operators, including AT&T, T-Mobile, and Verizon, to prevent the spread of fraudulent messages. In addition, it is coordinating with law enforcement agencies such as the FBI to curb the network’s activities.
Inside the alleged cybercrime ecosystem
The FBI, working alongside Google and cybersecurity partners including Lumen’s Black Lotus Labs, has reportedly taken action to seize domains and digital assets linked to the operation. These include phishing-related websites, online storefronts, and accounts allegedly used to test scam infrastructure.
Authorities estimate that since mid-2023, the phishing system associated with the network may have contributed to nearly 3.87 million stolen credit cards, with total losses approaching $1.9 billion. The group is believed to operate through multiple coordinated roles, including software developers, data suppliers, spam distributors, and financial laundering units.
Google’s complaint alleges that the network offers a subscription-based phishing toolkit that enables even non-technical users to launch sophisticated scam campaigns. The platform reportedly includes pre-designed website templates, automated tools for generating fake pages, and dashboards to monitor phishing performance in real time.
Investigators further claim that the system leverages messaging platforms such as Telegram to coordinate activities, share tactics, and recruit participants. The group allegedly uses bulk messaging tools, SIM card banks, and automated systems to distribute scam texts at scale.
Google has accused those behind the operation of impersonation, copyright violations, fraud, and racketeering activities. Through the lawsuit, the company is seeking financial damages and a court order to permanently halt the network’s operations and prevent further cyberattacks.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
