Google Sues Chinese AI Scam Ring Outsider Enterprise

By iCharles News · June 16, 2026

Google filed a civil lawsuit against Outsider Enterprise, an alleged Chinese AI-powered phishing ring behind 1.59 million malicious URLs, 3.87 million stolen credit cards, and $1.9 billion in estimated losses since July 2023.

Google Sues Chinese AI Scam Ring Outsider Enterprise

What Is Outsider Enterprise?

Google filed a civil lawsuit on June 12, 2026, against an alleged Chinese cybercrime network called Outsider Enterprise. The group used AI to run a large-scale phishing operation. It hit hundreds of thousands of victims. Losses are estimated in the millions.

According to Google's complaint, reported by TechCrunch, the group built and sold a "phishing-for-dummies" software suite. The kit lets buyers with little technical skill spin up fake websites and run SMS phishing campaigns. It costs $88 per week or $200 per month.

We're tracking this case closely because it marks one of the clearest examples yet of AI being packaged and sold as criminal infrastructure.

How Big Was the Operation?

Google detected more than 1.59 million URLs tied to the operation over five months — from November 14, 2025, to April 14, 2026. The FBI told TechCrunch that since July 2023, the platform enabled criminals to steal at least 3.87 million credit cards, with losses of roughly $1.9 billion.

Metric	Figure
Fraudulent web domains	Over 1 million
Fake websites deployed	9,000
Scam texts sent to Android users (two weeks)	2.5 million
Android spam text reports (May, two weeks)	55,000
Stolen credit cards (since July 2023)	At least 3,870,000
Estimated losses (since July 2023)	$1.9 billion
Countries with affected payment cards	95
Pre-built phishing templates	More than 290

How Did AI Power the Scams?

The Outsider software used AI platforms — including Google's own Gemini — to build convincing fake websites fast. The platform generates replicas of real sites in minutes. It also provides guides on using AI-generated code for attacks.

The group impersonated telecom providers, banks, government agencies, and retailers. Victims were lured by malicious texts or paid ads. They were then tricked into entering passwords, multi-factor codes, and payment data. That data moved through Outsider's platform as victims typed it.

Goldman Sachs: AI "Buy Everything" Era Is Over

SpaceX Secures $60B Option to Acquire Cursor

OpenAI Confidentially Files for IPO at $852B Value

Anthropic ID Checks May Unlock Fable for US Users

Criminals coordinated openly on Telegram. As Google wrote in its complaint: "The Enterprise brazenly coordinates its efforts in open and largely uncoded discussions on Telegram."

This pattern connects to a wider threat. China-linked hackers have run long espionage campaigns against research institutions in the US and Canada using similar tradecraft.

Who Made Up the Network?

Google's complaint describes four distinct groups inside the operation:

Developers who built and maintained the phishing software and templates
Data suppliers who sourced target lists from public records, social media, and data breaches
Spammers who operated smartphone banks, SIM cards, and modems to send bulk texts
Monetizers who cashed out stolen credentials and laundered the money

The real identities of those involved are unknown. Google general counsel Halimah DeLaine Prado said the group operates out of China and runs logistics through encrypted Telegram channels.

What Did the FBI Do?

The FBI's Cyber Division is pursuing the individuals behind the operation under Operation Ghost Hook, part of the broader Operation Riptide campaign. Working with Google and Lumen's Black Lotus Labs, the FBI seized domains used by the criminals. It also seized Shopify storefronts and accounts used to test the phishing service.

FBI Assistant Director Brett Leatherman said criminals are using AI to make fraud more convincing and harder to detect. He argued that joint action between industry and law enforcement is the only real counter.

Google is also partnering with AT&T, T-Mobile, and Verizon on network-level filtering. Android's built-in defenses already intercept more than 10 billion malicious messages per month worldwide.

The criminals allegedly used Google Drive and Google Cloud to host their phishing sites — a detail that adds weight to the copyright and racketeering claims in Google's complaint.

The Outsider kit used AI observability gaps as an attack vector. It exploited AI-generated code to build and deploy phishing pages at scale — a reminder that monitoring AI output matters for security, not just product quality.

What Legal and Legislative Steps Is Google Taking?

Google is seeking compensatory and punitive damages. It also wants a court order to stop the criminal activity. The company accused those behind Outsider Enterprise of impersonating Google brands, copyright infringement, racketeering, wire fraud, and false advertising.

Google is also backing seven bipartisan federal bills. Congressmen Brian Fitzpatrick and Josh Harder are pushing the Stop SCAMS Act, which aims to coordinate federal, state, and industry efforts. The six other bills Google supports are:

National Strategy for Combatting Scams Act
Strategic Task Force on Scam Prevention Act
AI Plan Act
STOP Scams Against Seniors Act
Artificial Intelligence Public Awareness and Education Campaign Act
Stop Schemes, Cyber Fraud, Abuse, Manipulation, and Swindles (SCAMS) Act

The lawsuit, FBI seizures, carrier partnerships, and legislative push are all moving at the same time. The Justice Department's own actions against China-linked web infrastructure show this is part of a broader federal pattern — not a one-off case.

The abuse of Google's Gemini in this operation also raises questions about how AI safety moves across the industry can address downstream misuse before it reaches criminal scale.

<script type="application/ld+json">
[
  {
    "@context": "https://schema.org",
    "@type": "NewsArticle",
    "headline": "Google Sues Chinese AI Scam Ring Outsider Enterprise",
    "datePublished": "2026-06-15",
    "author": {
      "@type": "Person",
      "name": "iCharles Staff"
    },
    "publisher": {
      "@type": "Organization",
      "name": "iCharles",
      "url": "https://icharles.com"
    },
    "description": "Google sued Chinese cybercrime group Outsider Enterprise on June 12, 2026, after the AI-powered phishing ring stole 3.87M credit cards and caused $1.9B in losses.",
    "url": "https://icharles.com/articles/google-sues-outsider-enterprise-ai-scam"
  },
  {
    "@context": "https://schema.org",
    "@type": "Person",
    "name": "Halimah DeLaine Prado",
    "jobTitle": "General Counsel",
    "worksFor": {
      "@type": "Organization",
      "name": "Google"
    }
  },
  {
    "@context": "https://schema.org",
    "@type": "FAQPage",
    "mainEntity": [
      {
        "@type": "Question",
        "name": "What is Outsider Enterprise?",
        "acceptedAnswer": {
          "@type": "Answer",
          "text": "Outsider Enterprise is an alleged Chinese cybercrime network sued by Google on June 12, 2026. The group sold AI-powered phishing kits for $88 per week or $200 per month, letting buyers with little technical skill create fake websites and run SMS scam campaigns targeting hundreds of thousands of victims."
        }
      },
      {
        "@type": "Question",
        "name": "How many credit cards did Outsider Enterprise steal?",
        "acceptedAnswer": {
          "@type": "Answer",
          "text": "According to the FBI, since July 2023 the Outsider platform enabled criminals to steal at least 3,870,000 credit cards. Estimated losses tied to those thefts reached approximately $1.9 billion. Stolen cards came from financial institutions in 95 countries."
        }
      },
      {
        "@type": "Question",
        "name": "What is Operation Ghost Hook?",
        "acceptedAnswer": {
          "@type": "Answer",
          "text": "Operation Ghost Hook is the FBI Cyber Division's effort to identify and pursue the individuals behind Outsider Enterprise. It is part of the broader FBI campaign called Operation Riptide. As part of this effort, the FBI seized domains, Shopify storefronts, and accounts used to test the phishing service."
        }
      },
      {
        "@type": "Question",
        "name": "How did Outsider Enterprise use Google's own AI tools?",
        "acceptedAnswer": {
          "@type": "Answer",
          "text": "The Outsider software used AI platforms including Google's Gemini to help operators build fake websites quickly. The platform could generate replicas of real sites in minutes and provided guides on using AI-generated code for attacks. Criminals also used Google Drive and Google Cloud to host phishing sites."
        }
      },
      {
        "@type": "Question",
        "name": "What laws is Google backing to fight AI scams?",
        "acceptedAnswer": {
          "@type": "Answer",
          "text": "Google is publicly supporting seven bipartisan federal bills. These include the Stop SCAMS Act, pushed by Congressmen Brian Fitzpatrick and Josh Harder, plus the National Strategy for Combatting Scams Act, the AI Plan Act, the STOP Scams Against Seniors Act, and three additional related acts targeting fraud and AI misuse."
        }
      }
    ]
  }
]
</script>

Frequently asked questions

What is Outsider Enterprise?: Outsider Enterprise is an alleged Chinese cybercrime network sued by Google on June 12, 2026. The group sold AI-powered phishing kits for $88 per week or $200 per month. Buyers with little technical skill could create fake websites and run SMS scam campaigns. The operation hit hundreds of thousands of victims, with losses estimated in the millions of dollars.
How many credit cards did Outsider Enterprise steal?: According to the FBI, since July 2023 the Outsider platform enabled criminals to steal at least 3,870,000 credit cards. Estimated losses tied to those thefts reached approximately $1.9 billion. Stolen cards came from financial institutions across 95 countries. Google also found more than 1.59 million connected URLs over a five-month monitoring window.
What is Operation Ghost Hook?: Operation Ghost Hook is the FBI Cyber Division's effort to identify and pursue the individuals behind Outsider Enterprise. It is part of the broader FBI campaign called Operation Riptide. The FBI, working with Google and Lumen's Black Lotus Labs, seized domains, Shopify storefronts, and accounts used to test the phishing service as of the June 12 announcement.
How did Outsider Enterprise use Google's own AI tools?: The Outsider software used AI platforms including Google's Gemini to help operators build fake websites quickly. The platform generated replicas of real sites in minutes and provided guides on using AI-generated code for attacks. Criminals also used Google Drive and Google Cloud infrastructure to host their phishing sites, adding to the copyright and racketeering claims in Google's lawsuit.
What legislation is Google backing to fight AI scams?: Google is publicly supporting seven bipartisan federal bills. These include the Stop SCAMS Act, pushed by Congressmen Brian Fitzpatrick and Josh Harder, plus the National Strategy for Combatting Scams Act, the AI Plan Act, the STOP Scams Against Seniors Act, the Strategic Task Force on Scam Prevention Act, the Artificial Intelligence Public Awareness and Education Campaign Act, and the Stop Schemes, Cyber Fraud, Abuse, Manipulation, and Swindles Act.

Sources

Google's complaint, reported by TechCrunch techcrunch.com
Justice Department's own actions justice.gov

Keep reading

Meta Launches AI Mode and Muse Spark on Facebook

ARIAM Launches AI Content Coalition With Disney, NYT, Adobe

SpaceX Overtakes Amazon Four Days After IPO

Zuckerberg Admits Meta Made Mistakes in AI Workforce Shift

0 Comments

Not a member yet? Join the community