The lawsuit targets a five-group criminal enterprise that generated 1.59 million fraudulent URLs and sent 2.5 million smishing texts to Android users in a two-week period.


What happened

Google has filed a lawsuit in Manhattan federal court against a Chinese cybercrime network accused of weaponizing its Gemini AI model to build phishing pages and run a large-scale SMS phishing operation targeting Americans. According to The Hacker News, the network operates a phishing-as-a-service platform called Outsider that allows criminal operators to generate fraudulent websites, launch smishing campaigns, and steal credit card numbers, bank account credentials, and personal data for as little as $88 per week. Google identified 9,000 fake websites and more than 1.59 million fraudulent URLs tied to the service between November 2025 and April 2026. In the two-week period from May 18 to June 1, 2026 alone, Outsider was responsible for 55,000 spam texts flagged by Android users and 2.5 million messages sent containing links to Outsider-generated sites. The FBI estimated the platform has been responsible for at least 3,870,000 stolen credit cards and approximately $1.9 billion in losses since July 2023. As part of a joint law enforcement action called Operation Ghost Hook, thousands of phishing domains have been seized and rerouted to an FBI splash page, approximately $100,000 in cryptocurrency has been confiscated, and Google is partnering with AT&T, T-Mobile, and Verizon to block Outsider messages from reaching customers.


Going deeper

Outsider is structured as a five-group criminal enterprise with distinct operational roles. A developer group supplies the phishing software and more than 290 pre-built templates impersonating legitimate institutions. A data broker group provides curated target lists. A spammer group handles bulk SMS delivery. A theft group monetizes stolen credentials and launders funds. A Telegram group manages coordination and recruitment. The platform is sold through a self-service ordering bot on Telegram and includes real-time keystroke logging and a campaign performance dashboard. The AI component works through prompt engineering rather than direct platform abuse: operators follow step-by-step instructions that frame requests to Gemini and other AI tools as harmless programming assistance, asking the model to generate HTML for a gift redemption page with specific functionality. The resulting code is then pasted into Outsider's infrastructure to create a functional credential-harvesting site. Google stated the prompts deliberately avoid raising content flags by framing the requests as generic web design tasks rather than explicitly describing their fraudulent purpose.


What was said

Google stated in its complaint that the network "weaponized Gemini to help generate fraudulent phishing pages and deploy massive SMS phishing attacks, often through text messages impersonating legitimate brands, alerting recipients of brokerage account issues or insisting they are eligible for rewards through their mobile phone carrier." FBI Cyber Division Assistant Director Brett Leatherman stated in the Operation Ghost Hook announcement that "the criminals behind the Outsider Enterprise built a business out of impersonating trusted brands to defraud hundreds of thousands of victims. Criminals increasingly use AI to make fraud like this more convincing and harder to detect."


In the know

Operation Ghost Hook is part of a broader FBI initiative called Operation Riptide, described as an ongoing campaign targeting criminal actors, infrastructure, and financial networks behind cybercrime and fraud against Americans. Google filed a separate lawsuit seven months earlier against a different China-based group behind a PhaaS platform called Lighthouse that ensnared more than one million users across 120 countries. The two lawsuits establish Google as an active civil litigant against PhaaS operators that abuse its infrastructure, following the legal model Microsoft has used to disrupt criminal networks, including Fox Tempest and Tycoon2FA. According to The Hacker News, the FBI also used an Outsider Telegram bot during the investigation to obtain information on the network's customer base, a tactic that allowed law enforcement to identify downstream operators using the service.


The big picture

The Outsider case documents AI being used to generate the web infrastructure that phishing attacks depend on. The distinction matters for defenders: blocking known malicious code patterns does not stop a phishing page whose HTML was generated by a legitimate AI coding assistant on demand and deployed fresh for each campaign. Healthcare organizations whose staff receive smishing texts impersonating insurers, carriers, or financial institutions face the same exposure as the general consumer population, with one compounding factor: healthcare workers often receive legitimate urgent communications about benefits, claims, and account status through the same channels Outsider impersonates. According to Paubox's Shadow AI report, 95% of healthcare organizations report staff using unapproved AI tools, and the Outsider case shows that the risk from AI in the phishing context is not limited to tools staff choose to use. It extends to AI being used against them in campaigns specifically designed to exploit the trust placed in familiar brand communications.


FAQs

How did the Outsider network use Gemini without triggering content safety filters?

Operators framed requests as generic programming tasks, asking Gemini to generate HTML code for a gift redemption page with specific design features rather than describing the fraudulent purpose. AI models assess requests based on what is explicitly described, and a request to design a webpage with payment fields and branding elements does not trigger safety filters even when the intent is to deploy it as a phishing site.


What is smishing, and why is it harder to defend against than email phishing?

Smishing is phishing delivered through SMS text messages rather than email. Mobile devices typically lack the enterprise security tools deployed on corporate email systems, text messages carry higher inherent trust than emails from unknown senders, and mobile browsers provide less visual context for identifying fraudulent URLs than desktop browsers. SMS also bypasses most email security gateways entirely.


What does Google's lawsuit try to achieve beyond the criminal prosecution?

Civil lawsuits allow Google to obtain court orders that dismantle infrastructure, freeze assets, and compel the transfer of domains, even when criminal prosecution is not immediately possible due to jurisdictional limitations. Google can pursue injunctions against US-based hosting providers and domain registrars that support the network regardless of whether the operators themselves can be arrested.


Why does an $88 per week subscription price matter for assessing the threat?

Low subscription costs eliminate financial barriers for entry-level criminal operators who could not previously afford to run professional-grade phishing campaigns. At $88 per week, even an operator targeting a small number of victims can generate a positive return, which dramatically expands the pool of people willing to use the service and the total volume of campaigns running simultaneously.


What should organizations tell staff about protecting themselves from smishing?

Any text message creating urgency about a financial account, rewards eligibility, or account verification should be treated as suspicious, regardless of how legitimate the sender appears. Staff should verify any such message by going directly to the organization's or institution's official website through a manually typed URL rather than clicking the link in the message, and should report suspicious texts to their IT security team before taking any action.