Google targets AI-powered cybercrime network

Google has launched legal action against a sophisticated cybercrime operation accused of using artificial intelligence to conduct large-scale phishing attacks, marking one of the most significant private-sector interventions yet against the growing threat of AI-enabled fraud.

Google Targets AI-Powered Cybercrime Network

The lawsuit targets a criminal network known as the Outsider Enterprise, which allegedly operated from China and used phishing-as-a-service tools to impersonate trusted brands, steal payment credentials and harvest sensitive personal information from victims across the United States.

The case highlights how artificial intelligence is transforming the economics of cybercrime, enabling fraudsters to automate attacks, scale operations and lower the technical barriers to entry for aspiring criminals.

Industrialising Fraud Through AI

According to Google, the Outsider Enterprise developed and distributed phishing kits that allowed criminals to create convincing fraudulent websites and launch large-scale SMS phishing, or “smishing”, campaigns.

The operation allegedly used AI tools, including Google’s own Gemini platform, to generate code for counterfeit websites designed to mimic legitimate organisations. These sites were then promoted through text messages claiming to originate from trusted brands, financial institutions and telecommunications providers.

Google says it has identified more than 9,000 fraudulent websites and over one million malicious URLs connected to the network. In a two-week period alone, Android users flagged approximately 55,000 spam messages linked to the operation, while an estimated 2.5 million phishing texts containing malicious links were distributed.

The broader impact is substantial. According to the FBI, the phishing infrastructure has been linked to the theft of millions of payment card details and is estimated to have contributed to losses approaching $1.9 billion since 2023.

Cybercrime as a Service

What makes the Outsider Enterprise particularly concerning is its business model. Rather than conducting attacks directly, the group allegedly provided a commercial platform that allowed other criminals to launch phishing campaigns for a subscription fee.

The service offered pre-built website templates, bulk messaging capabilities, performance analytics and real-time credential harvesting tools. By packaging sophisticated fraud capabilities into an easy-to-use platform, the operation dramatically expanded the number of individuals capable of conducting large-scale cyberattacks.

This reflects a broader trend across the cybercrime ecosystem, where criminal services increasingly mirror legitimate software-as-a-service business models.

A New Front in the Fight Against Digital Fraud

Google is coordinating its efforts with the FBI, telecommunications providers and other industry partners in an attempt to dismantle the network’s infrastructure and disrupt future attacks.

The case also underscores a wider challenge facing the payments industry. As artificial intelligence becomes more accessible, the same technologies driving innovation in commerce and financial services are also being exploited by organised criminal groups.

For banks, merchants and payment providers, the emergence of AI-powered fraud represents a significant escalation in the threat landscape. Traditional security controls remain essential, but increasingly they must be complemented by collaborative intelligence sharing, advanced behavioural analytics and coordinated action across the technology, telecommunications and financial services sectors.

The battle against financial crime is entering a new phase—one in which artificial intelligence is proving to be both a powerful defensive tool and a formidable weapon in the hands of fraudsters.