.png?w=1024)
You've seen the texts. "Your package is held." "Your toll is overdue." "Suspicious activity on your account." You probably deleted them without clicking.
Smart. Because the operation behind them just got sued by Google… and the numbers are staggering.
Google filed a lawsuit against Outsider Enterprise, a China-based cybercrime network accused of using Gemini (Google's own AI) to mass-produce phishing websites and flood American phones with fraudulent texts. It's the first time Google has ever sued bad actors specifically for misusing Gemini to run scams.
Here's what happened:
- In just two weeks in May, Outsider Enterprise sent 2.5 million scam texts to Android users, generating 55,000 spam complaints.
- The FBI estimates the group has stolen 3.87 million credit card numbers and caused roughly $1.9 billion in losses since July 2023.
- Google identified over 9,000 fake websites and 1.5 million fraudulent URLs linked to the operation.
- The group used Gemini to generate HTML code for convincing fake sites impersonating Google, YouTube, the US Postal Service, banks, and toll agencies.
- They ran it like a franchise: a subscription phishing toolkit on Telegram, starting at $88/week, with 290+ prebuilt templates that any non-technical criminal could deploy in minutes.
Why this matters
Before AI, building a convincing fake website took a coder and a few hours. Outsider Enterprise cut that to minutes, then sold the ability to anyone with $88 and a Telegram account.
The business model here is the alarming part. Outsider Enterprise also sold the toolkit to other criminals. Any non-technical buyer could log in to Telegram, pay $88/week, pick a template that impersonates their bank or the USPS, and start harvesting credit card numbers. Gemini was the production engine that generated convincing fake pages faster than any human team could.
Google is now coordinating with the FBI and has partnered with AT&T, T-Mobile, and Verizon to block the traffic. It's also backing seven bipartisan bills in Congress targeting AI-enabled scams.
Our take
The uncomfortable detail is that Outsider Enterprise used Google's own infrastructure throughout, with Gemini for content, Google Cloud to host the fake sites, Google Drive to store the stolen data. Google suing them is the right call. But it's also a useful reminder that the same AI tools that make your work faster are being rented out on Telegram for $88 a week to steal credit card numbers.
The scam texts will slow down. The toolkit still exists.
On a tangent, if you want to understand how AI models get stacked and routed under the hood, we broke down OpenRouter's new Fusion API, which lets you run prompts through multiple models at once and synthesize the best answer. Good explainer on where AI infrastructure is quietly heading. Read it here.
Editor’s note: This article originally appeared on our sister publication, The Neuron.