Google Sues Phishing Ring That Weaponized Gemini AI
A Chinese cybercrime network sold $88/week phishing kits that used Google's own Gemini AI to generate fake sites impersonating banks, carriers, and government agencies at scale.

The network ran like a software company. New version releases every few weeks. Changelog posts in Telegram. Customer support channels. A branded product name: Outsider. The only thing that set it apart from a typical developer-tools startup was the product itself - a phishing kit that used Google's own Gemini to produce convincing fake websites in minutes, at a cost of $88 per week.
On June 12, Google filed suit in the U.S. District Court for the Southern District of New York against the operators of the Outsider Enterprise, a China-based cybercrime network accused of running a phishing-as-a-service platform fueled partly by Gemini AI. Google called it the company's first coordinated legal action specifically targeting Gemini misuse.
TL;DR
- "Outsider Enterprise," a China-based phishing-as-a-service ring, sold subscriptions from $88/week with 290 prebuilt fraud templates
- Subscribers were instructed to prompt Gemini to write custom HTML for fake sites, then import the code directly into the platform
- Google detected 1.59 million malicious URLs between November 2025 and April 2026; 9,000 fake websites; 2.5 million fraudulent texts in two weeks
- Filed under RICO and the Lanham Act in SDNY; FBI, AT&T, T-Mobile, and Verizon coordinating on disruption
- First lawsuit Google has brought against defendants specifically for weaponizing Gemini
A Subscription Business Selling Fraud
Outsider offered a full stack for operators with no technical background. The basic tier started at $88 per week and included access to 290 prebuilt templates impersonating brokerage firms, mobile carriers, shipping companies, state DMVs, toll authorities, and government portals. No coding required: the platform handled credential harvesting, keystroke logging, multifactor authentication bypass, and real-time dashboards showing victim activity as it unfolded.
Development ran through encrypted Telegram channels. One account identified in the complaint as @sinkinto01 released the current Outsider version in July 2025 and pushed at least 75 updates since. Stolen financial data - account numbers, card details, personal identification - was automatically backed up to Google Drive accounts controlled by the network.
How the MFA Bypass Worked
The kit included adversary-in-the-middle capabilities. When a victim entered a one-time passcode on a fake login page, the Outsider platform relayed it to the real site before the token expired. The victim saw a convincing copy of the login flow; the operator completed authentication on the real account in real time. This made two-factor authentication nearly useless against the kit.
How They Used Gemini
The complaint includes screenshots from tutorial videos distributed within the network showing exactly how operators used AI. Subscribers were directed to prompt Gemini to write custom HTML for specific phishing pages - gift redemption landing pages, package delivery confirmations, toll collection notices - then import that code into the Outsider platform. A phishing page that previously needed a developer now took minutes.
Google alleged in the filing that "The Enterprise encourages scammers to use AI platforms, such as Google's Gemini, to write the custom code necessary to create their shell websites."
The use of generative AI didn't only lower the skill floor. It also meant that every template could be customized to match regional URLs, local agency formatting, or the exact branding of any financial institution. The 290 prebuilt templates served as starting points. Gemini was the customization engine. This pattern lines up with the broader misuse trends surfaced in earlier Gemini security incidents - once a model is accessible at scale, adversaries find ways to use it as a force multiplier.
The Scale
Between November 2025 and April 2026 alone, Google's systems detected the following activity from the Outsider Enterprise:
| Metric | Count |
|---|---|
| Malicious URLs detected | 1,590,000+ |
| Fake websites created | 9,000+ |
| Fraudulent texts (2-week window, May 2026) | 2,500,000 |
| Android spam flags in same window | 55,000 |
| Victims impacted | Hundreds of thousands |
| Prebuilt templates | 290 |
Fraud losses from phishing at this scale run into the millions. Google's own estimate puts U.S. cryptocurrency fraud losses at over $11 billion in 2025 alone. The Outsider network targeted a broader range of financial behaviors - not just crypto, but banking credentials, payment cards, and government account access.
Toll Fraud - The kit's most widely launched templates impersonated E-ZPass and state DMV portals. Victims received SMS texts claiming unpaid tolls or registration fees and were sent to pages that harvested payment card data and personal identification numbers.
Carrier Impersonation - A second cluster of templates mimicked mobile carrier login pages, targeting account credentials useful for SIM-swap attacks or resale on secondary markets.
Financial Phishing - Brokerage firm lookalike pages combined credential harvesting with real-time MFA relay, using the adversary-in-the-middle capability to complete authentication before the victim noticed anything wrong.
Government Services - NYC government service portals, USPS package delivery confirmations, and generic government agency pages gave operators flexibility for targeted regional campaigns.
The Legal Argument
Google filed under two statutes. The Racketeer Influenced and Corrupt Organizations Act (RICO) applies because the Outsider network functioned as an ongoing organized criminal enterprise with defined roles, shared infrastructure, and profit distribution across multiple operators. The Lanham Act covers trademark infringement: building pages that pass as Google, YouTube, USPS, and other registered brands.
Google is seeking damages and an injunction to take down the network's infrastructure. The SDNY venue provides access to emergency injunctive relief mechanisms and established precedent on RICO-based civil tech litigation. It is the same court where Google filed its 2025 Lighthouse lawsuit against an earlier phishing-as-a-service ring; that suit disrupted the Lighthouse platform within 24 hours.
Coordinated Response
The lawsuit is one part of a broader joint operation. Verizon, AT&T, and T-Mobile are working with Google to identify and block Outsider-linked domains. The FBI is investigating the network's operators. The complaint identifies the defendants as China-based, which makes this a transnational cybercrime matter with consequences beyond civil litigation.
Google is also pushing seven bipartisan legislative proposals in parallel, including the National Strategy for Combatting Scams Act and the STOP Scams Against Seniors Act. Both bills would create federal coordination structures for exactly this type of cross-platform, cross-carrier fraud operation - an area where Google's playbook of filing civil suits and coordinating with telecoms currently substitutes for a statutory framework that doesn't yet exist.
"This is our first coordinated effort and lawsuit" targeting Gemini misuse, Google's general counsel said in a statement, adding that the company expects the action to signal to other operators running AI-assisted fraud infrastructure that the cost of the model is not the only cost of misusing it.
This matters beyond the immediate case. Google's admission that its own AI was used to industrialize phishing at this scale is an uncomfortable data point for every model provider currently racing to make their tools as accessible as possible. OpenAI's Daybreak and Anthropic's Claude Security programs both represent the industry's attempt to address the defensive side of this equation. The Outsider lawsuit is a reminder that there is an offensive side too.
What You Should Do Right Now
- Ignore texts about unpaid tolls or delivery fees. Outsider's most widely launched templates impersonate E-ZPass and USPS. Go directly to the official site rather than tapping any link in an SMS.
- Don't enter MFA codes on pages reached through a text link. Adversary-in-the-middle attacks harvest one-time codes in real time; the fake page relays them before they expire.
- Audit recent account access logs for financial institutions, carriers, and government service accounts. The network has been active since at least November 2025.
- Flag suspicious texts on Android using the built-in spam reporting feature. Google uses these reports to identify campaigns faster and build detection signatures.
- Set up transaction alerts on any financial accounts. Even if credentials were captured, an instant alert gives a narrow window to freeze an account before transactions clear.
Sources:
- Google sues suspected AI scam network in joint crackdown with FBI, telecom giants - Washington Examiner
- Google sues Chinese scammers using Gemini AI for fraud - Engadget
- Google files lawsuit against Chinese cybercrime group over Gemini AI abuse - The News
- Google's June 2026 fraud and scams advisory - Google Blog
- 1 million victims, 17,500 fake sites: Google takes on toll-fee scammers - Malwarebytes (2025 Lighthouse lawsuit)
- Google sues Chinese scam ring over E-ZPass and USPS phishing texts - NBC News
