Google’s first big AI-scam lawsuit shows phishing has entered the agent era

AI Security / Cybercrime

Google’s newest anti-scam lawsuit is not just another phishing takedown. It is a warning that cybercrime has crossed into the agent era, where subscription scam kits, messaging infrastructure and generative AI coding tools can turn ordinary phishing templates into industrial-scale fraud operations.

On June 12, Google filed a civil complaint in Manhattan federal court against unknown defendants it describes as foreign-based cybercriminals, believed to be operating from China. The lawsuit targets what Google calls “Outsider Enterprise,” a phishing-as-a-service network that allegedly sold access to a turn-key software suite for as little as $88 per week.

According to Google, Outsider’s software gave criminals more than 290 prebuilt templates mimicking banks, telecom carriers, retailers, government agencies and Google-owned brands. But the most important allegation is that the operation did not stop at static templates. Google says members used Gemini and other AI platforms as coding assistants to create custom phishing pages, then fed that AI-generated code into Outsider’s own editor to produce working scam sites.

From phishing kit to scam operating system

Classic phishing kits are usually thought of as bundles of fake login pages. Outsider, as described in Google’s complaint and reporting from TechCrunch, PYMNTS and BankInfoSecurity, looks closer to a full scam operating system. One group allegedly built and maintained the software. Another supplied target lists. A spammer group handled SIM cards, modems and bulk messaging. Other actors monetized stolen credentials and payment cards.

That structure matters because generative AI becomes more powerful when it is embedded inside a broader workflow. A criminal does not need to ask an AI model to “commit fraud” in plain language. The complaint describes prompts framed as ordinary web-development requests, such as generating a gift redemption page. The output can then be pasted into a phishing platform that already handles branding, data capture, campaign tracking and delivery.

Google says it detected more than 1.59 million URLs linked to Outsider Enterprise between November 14, 2025 and April 14, 2026. In a two-week period in May, Android users flagged 55,000 spam texts connected to the operation, while Google says 2.5 million messages containing links to Outsider-generated websites were sent to Android users.

Why Gemini is central to the story

The lawsuit does not say Gemini was the only model used. It says Outsider members used Gemini and other AI platforms to generate code and customize phishing pages. That distinction is important: Google is both the alleged victim whose brands and infrastructure were abused, and the platform provider whose AI tools were allegedly misused.

For Google, the lawsuit is therefore doing several jobs at once. It seeks to disrupt domains, infrastructure and software distribution. It asserts trademark and racketeering claims. It also sends a message that AI-platform abuse will be treated as part of the cybercrime supply chain, not as a separate moderation footnote.

Google says it is coordinating with the FBI and working with AT&T, T-Mobile and Verizon to block scam texts before they reach phones. TechCrunch reported that the FBI, with Google and Lumen’s Black Lotus Labs, seized domains, Shopify storefronts and a Telegram bot tied to the operation. SecurityWeek reported the takedown was part of the FBI’s Operation Riptide and included about $100,000 in cryptocurrency assets.

The bigger shift: AI-enabled phishing-as-a-service

Google’s threat-intelligence research on Chinese-language phishing services describes a broader ecosystem moving toward real-time interception, OTP capture, digital-wallet provisioning, encrypted-message delivery through RCS and iMessage, localization-as-a-service and AI-powered page generation. In plain terms: scam services are becoming easier to buy, easier to customize and harder to spot.

That is why this lawsuit feels bigger than one named network. It shows how the AI era changes the economics of fraud. A small group can package templates, code generation, delivery infrastructure and stolen-data monetization into a subscription product. Affiliates with limited technical skill can then launch polished campaigns that look local, timely and convincing.

Google says its own AI-powered defenses already intercept more than 10 billion malicious messages each month. The company is also backing federal anti-scam legislation, arguing that litigation alone will not keep pace with organized, cross-border fraud networks.

What to watch next

The immediate question is whether civil lawsuits can disrupt enough infrastructure to change attacker behavior. Domain seizures, restraining orders and trademark claims can raise costs, but phishing-as-a-service networks are designed to rebrand and migrate quickly.

The longer-term question is how AI companies will harden coding assistants against abuse without breaking legitimate software development. The Outsider case suggests the danger often appears downstream: a seemingly normal HTML request becomes harmful only when plugged into a scam platform that handles impersonation, delivery and theft.

For businesses and consumers, the lesson is blunt. The next generation of phishing will not simply have better grammar. It will have better workflows, better localization and faster iteration. Google’s lawsuit is an early signal that the defensive response will need to be just as coordinated.

Sources

• Google Blog: How we’re combatting AI scams with security, legislation and more
• PYMNTS: AI Scam Surge Prompts Google to File Lawsuit
• TechCrunch: Chinese cybercrime operation that used AI to scam hundreds of thousands sued by Google
• DocumentCloud: Google v. Outsider Enterprise complaint
• SecurityWeek: FBI, Google Dismantle ‘Outsider Enterprise’ Phishing Service
• Google Cloud / GTIG: The Evolution of Chinese-Language Phishing Services