Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing

By Team-CWD, June 20, 2026


Google on Friday said it’s pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to send phishing text messages targeting Americans.

The network is said to be behind the development and management of a phishing-as-a-service (PhaaS) software kit called Outsider, per the tech giant.

“The operation weaponized Gemini to help generate fraudulent phishing pages and deploy massive SMS phishing (‘smishing’) attacks, often through text messages impersonating legitimate brands, alerting recipients of ‘brokerage account issues’ or insisting they are eligible for ‘rewards through their mobile phone carrier,’” Google said.

“The texts prompt users to click a link leading to a fraudulent website that mimics trusted institutions to steal personal and financial information.”

Google said it’s filing the lawsuit to dismantle the network’s infrastructure, and that it’s partnering with AT&T, T-Mobile, and Verizon to block such messages from reaching customers.

Outsider’s operations, according to the company, are coordinated through Telegram, with the network distributing phishing kits that make it possible for threat actors to push fake text messages that claim to be from trusted brands. These schemes are estimated to have victimized more than 100,000 people, leading to millions of dollars in losses.

In addition, 9,000 fake websites and more than 1.59 million fraudulent URLs tied to the phishing service were identified between November 14, 2025, and April 14, 2026. In a two-week period from May 18 to June 1, 2026, Outsider was responsible for 55,000 spam texts flagged by Android users.

During the same timeframe, 2.5 million messages were sent by the network to Android users containing links to Outsider-generated websites. For as little as $88 a week (or $200 a month), the kit allowed criminals to create fraudulent websites, launch phishing campaigns, and steal victims’ credit card numbers, bank account credentials, and personal data. A license can be purchased via a “self-service ordering bot” on Telegram (@OutsiderCodeBot).

The service also offers more than 290 pre-built templates that impersonate legitimate websites of trusted institutions, real-time keystroke logging, and a performance dashboard to track the effectiveness of a campaign.

“As if Outsider’s plug-and-play simplicity were not alarming enough, the Enterprise has made the tool even more powerful by providing step-by-step instructions on how Outsider can weaponize AI-generated code,” Google said in its complaint filed in Manhattan federal court.

“Following those instructions, Enterprise members can use AI tools to generate programming code for a shell website, and copy and paste that code into Outsider to transform that shell into a fraudulent site that can be used to steal personal or financial information from their victims.”

Google said the prompts for Gemini and other AI platforms are framed as harmless requests for programming assistance, asking the model to generate HTML code to design a “gift redemption page” with the desired functionality and features, and instructing it to avoid using JavaScript and employ inline CSS to implement it. Once the counterfeit website is online, its URL is sent to potential victims via text messages.

The Outsider Enterprise is said to include a number of interconnected groups that play different roles but collaborate to execute phishing attacks using the phishing kit. These include:

  • The Developer Group, which supplies the phishing software and templates
  • The Data Broker Group, which provides curated lists of people to target
  • The Spammer Group, which provides the tools to send fraudulent text messages in bulk
  • The Theft Group, which helps monetize stolen information (e.g., credit cards and credentials) and launder funds from stolen credit cards
  • The Telegram Group, which facilitates collaboration among members and recruits new members

The advantage of such services, as in the case of the recently disrupted Sniper Dz, is that they dramatically lower the barrier to entry for novice fraudsters lacking programming knowledge, who can leverage them to mount convincing phishing attacks with minimal effort and at scale.

“The criminals behind the Outsider Enterprise built a business out of impersonating trusted brands to defraud hundreds of thousands of victims,” said Brett Leatherman, assistant director of the U.S. Federal Bureau of Investigation’s (FBI) Cyber Division. “Criminals increasingly use AI to make fraud like this more convincing and harder to detect.”

The FBI said the PhaaS platform accounted for at least an estimated 3,870,000 stolen credit cards and a corresponding estimated $1.9 billion in losses between July 2023 and the present. As part of a joint takedown called Operation Ghost Hook, a number of domains, including a Shopify e-commerce storefront and an account used to test the phishing service, have been seized.

In tandem, approximately $100,000 USDT from Outsider payment wallets has been confiscated, and thousands of phishing domains from U.S. providers have been disrupted and rerouted to an FBI splash page. The law enforcement agency also said it leveraged an Outsider Telegram bot to obtain information on the cybercrime network’s customers.

Operation Ghost Hook is part of Operation Riptide, which the FBI described as an ongoing campaign targeting the “criminal actors, infrastructure, and financial networks behind cybercrime, cyber-enabled crime, and fraud against the American people.”

The development comes exactly seven months after Google filed another lawsuit in the U.S. against China-based hackers behind a massive Phishing-as-a-Service (PhaaS) platform called Lighthouse that ensnared over 1 million users across 120 countries.

Update

The Telegram bot (@OutsiderCodeBot) used to purchase Outsider licenses is no longer accessible.


