Google has initiated a groundbreaking lawsuit against a China-based cybercrime syndicate known as the “Outsider Enterprise.” This marks the first instance where the tech giant has legally pursued threat actors for exploiting its own Gemini AI platform to orchestrate extensive phishing campaigns targeting U.S. consumers.
The Outsider Enterprise operates as a sophisticated phishing-as-a-service (PhaaS) platform, coordinating activities through Telegram channels and providing ready-made phishing kits to criminal affiliates. This infrastructure enables individuals with minimal technical expertise to swiftly deploy convincing scam websites impersonating trusted brands such as Google, YouTube, the U.S. Postal Service, financial institutions, state Departments of Motor Vehicles, and toll agencies like New York’s E-ZPass. The network boasts a library of over 290 prebuilt templates, facilitating rapid and widespread fraudulent activities.
Exploitation of Gemini AI in Cyberattacks
A distinguishing aspect of this operation is its deliberate misuse of artificial intelligence. According to Google’s complaint, members of the Outsider Enterprise actively encouraged each other to utilize Gemini AI to generate custom code for phishing websites. This code was then imported directly into the Outsider software suite and converted into live scam pages. This approach effectively industrialized fraud by lowering the technical barrier to near-zero, transforming Google’s own generative AI into a tool for mass-producing malicious code.
The scale of the damage is substantial:
- In a two-week period in May 2026, 2.5 million smishing messages were sent to Android users.
- During the same timeframe, Android users flagged 55,000 spam texts, averaging more than two complaints per minute.
- The network is linked to over 9,000 fake websites and more than 1 million fraudulent URLs.
- Hundreds of thousands of victims suffered financial losses, with total damages estimated in the millions.
Google filed the complaint in the U.S. District Court for the Southern District of New York, seeking damages and injunctive relief under the Racketeer Influenced and Corrupt Organizations (RICO) Act and the Lanham Act. The Federal Bureau of Investigation’s Cyber Division is conducting parallel law enforcement actions, acknowledging that criminals increasingly use AI to make fraud more convincing and harder to detect. Google is also collaborating with major telecommunications carriers, including AT&T, T-Mobile, and Verizon, to intercept and block fraudulent messages at the carrier level before they reach end users.
In addition to legal actions, Google is advocating for legislative measures to combat AI-driven scams. The company supports seven bipartisan bills targeting such scams, including the Stop SCAMS Act, which aims to create a national coordinated strategy uniting law enforcement, government agencies, and private industry to combat transnational cybercrime rings.
On the product front, Google’s AI-powered scam detection on Android actively flags suspicious conversations during calls, while built-in messaging defenses currently intercept more than 10 billion malicious messages monthly. The company has also disabled Gemini accounts and infrastructure confirmed to be linked to the abuse of the model.
This lawsuit sets a significant legal precedent: AI platforms can and will be used as enforceable grounds for civil litigation when threat actors abuse generative models to scale criminal operations. It underscores the dual-edged nature of AI technologies, which, while offering substantial benefits, can also be exploited for malicious purposes. As AI continues to evolve, it is imperative for technology companies, lawmakers, and law enforcement agencies to collaborate closely to develop robust safeguards against such abuses.
