Google Sues Chinese Cybercrime Ring Using AI-Powered Phishing Kits
Key Takeaways
- Google sued a China-based cybercrime ring for using AI-powered phishing kits to conduct fraud operations affecting hundreds of thousands of victims
- The 'Outsider Enterprise' was linked to 9,000+ fraudulent websites, over 1 million malicious URLs, and 2.5 million malicious SMS messages in a two-week period alone
- AI was weaponized to generate phishing content at scale, enabling faster and larger-scale fraud with less manual effort
Summary
Google has filed a lawsuit against an alleged China-based cybercrime operation known as 'Outsider Enterprise,' which uses AI-powered phishing kits to conduct large-scale fraud. The criminal network operates on Telegram and supplies phishing tools to other fraudsters, enabling them to impersonate Google and other trusted brands through mass text message campaigns. Victims are directed to fake websites designed to steal login credentials, payment card information, and other sensitive data.
According to Google's complaint, the Outsider Enterprise has been linked to over 9,000 fraudulent websites, more than one million malicious URLs, and scams affecting hundreds of thousands of people. The operation leverages AI to generate phishing content more quickly and at greater scale, allowing criminals to push more scams with less effort. During a two-week period in May alone, Android users flagged over 55,000 spam texts linked to the operation, while Google detected approximately 2.5 million messages containing links to Outsider-controlled websites.
The lawsuit is part of a coordinated law enforcement effort involving the FBI and major US telecom providers (AT&T, T-Mobile, and Verizon) to disrupt the infrastructure supporting these campaigns and block malicious messages before they reach users. While the alleged operators may never face prosecution, the legal action aims to dismantle the criminal infrastructure and business model.
- Google coordinated with the FBI, AT&T, T-Mobile, and Verizon to disrupt the criminal infrastructure and prevent malicious messages from reaching users



