Google Sues Chinese Cybercrime Operation: Inside the AI-Powered Scam Text Lawsuit (2026)

AI OVERVIEW SUMMARY

Google sued a Chinese cybercrime operation called the Outsider Enterprise on June 12, 2026, alleging it used AI tools, including Google’s Gemini, to mass-produce phishing websites and scam texts. The group created over 9,000 fake sites and sent 2.5 million scam texts to Android users in two weeks, defrauding hundreds of thousands of victims. It was Google’s second such lawsuit in seven months, after the November 2025 case against Lighthouse, which compromised up to 115 million credit cards. Both cases use the RICO Act.

Google Just Sued the Scammers Behind Those Fake Package Texts

You know the texts. A fake alert about a stuck package. An urgent warning about an unpaid toll. A panicked message saying your account was hacked.

Behind those messages sits a real criminal network. And Google sued a Chinese cybercrime operation to shut it down.

On June 12, 2026, Google filed a major lawsuit against a China-based group it calls the “Outsider Enterprise.” The complaint accuses the group of using artificial intelligence, including Google’s own Gemini AI, to mass-produce phishing websites and flood American phones with scam texts.

This is the second time in seven months that Google has taken a Chinese smishing network to court. In November 2025, the company sued a separate operation called Lighthouse. Both cases are reshaping how big tech fights digital fraud.

This guide breaks down both lawsuits, the AI angle that makes the new case so important, and what it means for you. Every figure here comes from Google’s own complaints, court filings, and verified reporting.

What Happened: Google’s Lawsuit Against the Outsider Enterprise

The newest case is the headline. Here is exactly what Google alleges.

The Basics of the Case

Google filed the lawsuit on June 12, 2026, in the U.S. District Court for the Southern District of New York. The case is officially named Google v. Does 1-25, because Google does not yet know the real names of the people behind the operation. It only knows their online handles.

The target is a group Google calls the Outsider Enterprise. Google describes it as a China-based Chinese cybercrime operation that runs a “phishing-as-a-service” business.

The Scale Is Staggering

The numbers in Google’s complaint show how big this operation grew:

Metric	Figure
Fake websites created	More than 9,000
Fraudulent URLs	Over 1 million
Scam texts sent (2-week period in May)	2.5 million
Spam texts flagged by Android users (2 weeks)	55,000
URLs detected (Nov 2025 to April 2026)	More than 1.59 million
Brand impersonation templates	Over 290 prebuilt
Software kits built	131
Victims	Hundreds of thousands
Estimated losses	Millions of dollars

To put that in perspective, the 55,000 spam texts flagged in just two weeks works out to more than two spam complaints every single minute.

Who Got Impersonated

The fake websites copied trusted brands and agencies, including:

• Google
• YouTube
• The U.S. Postal Service (USPS)
• New York’s E-ZPass toll system
• Banks and financial institutions
• State DMVs
• Telecom and phone carriers

The scammers recently shifted from fake package and toll alerts toward impersonating phone carriers. This is a common tactic. When people learn to spot one type of scam, the criminals switch to a fresh disguise.

The AI Angle: How Scammers Weaponized Gemini

Here is what makes this case different from any Google has filed before. This is the first time Google has legally pursued bad actors for misusing its Gemini AI to scam U.S. consumers.

How They Used AI

According to the complaint, members of the Outsider Enterprise used AI-powered phishing attacks built with help from Gemini and other AI tools.

The method was clever and sneaky. Scammers prompted Gemini with requests that seemed harmless. For example, they asked the AI to build a “gift redemption” page. Gemini generated the HTML code. The scammers then loaded that code into their phishing platform and turned it into a fake brand page.

Google put it plainly in the complaint: “The Enterprise encourages scammers to use AI platforms, such as Google’s Gemini, to write the custom code necessary to create their shell websites. Using this method, Enterprise members can create convincing duplicates of virtually any legitimate website in minutes.”

Why This Matters So Much

Before AI, building a convincing fake website took skill and time. A scammer needed to know how to code. That kept many low-skill criminals out of the game.

AI changed everything. Now a person with almost no technical knowledge can spin up hundreds of fake sites in minutes. This is the core danger of AI-powered phishing attacks. They lower the barrier to entry and scale up fast.

Brett Leatherman, Assistant Director of the FBI’s Cyber Division, said it directly: “Criminals increasingly use AI to make fraud like this more convincing and harder to detect. Together with partners like Google, we can disrupt criminal networks in ways no single organization could on its own.”

The Software: “Phishing-for-Dummies”

The Outsider software is sold like a normal subscription product. It costs $88 per week or $200 per month.

For that price, buyers get a turn-key kit. They get ready-made fake website templates, tools to send mass text messages, and the AI prompts to build new scam pages. Google describes it as “phishing-for-dummies” software because it requires almost no skill to use.

The group released the current version of Outsider in July 2025. Since then, they have issued at least 75 updates to improve performance and dodge fraud detection systems. They even abused Google’s own services by once integrating Google Drive into the software to back up stolen financial data to cloud storage. Google later found and blocked those accounts.

The First Case: Google’s Lawsuit Against Lighthouse

To understand the full picture, you need to know about the first lawsuit. The Google cybercrime lawsuit against Lighthouse set the stage in November 2025.

What Lighthouse Was

Google filed the Lighthouse case on November 12, 2025, also in the Southern District of New York. Lighthouse was another Chinese phishing-as-a-service operation.

Like Outsider, Lighthouse sold a phishing kit. Buyers paid a monthly fee for fake website templates, site-building tools, and tools to send malicious SMS messages.

The Lighthouse Numbers

The scale of Lighthouse was enormous:

Metric	Figure
Credit cards compromised (US)	12.7 million to 115 million
Victims	More than 1 million
Countries affected	120
Fake website templates	More than 600
Entities impersonated	About 400
USPS phishing websites (July 2023 to Oct 2025)	More than 32,000
Syndicate members on Telegram	About 2,500

The “Smishing Triad” Connection

Security researchers connected Lighthouse to a loose group of cybercriminals known as the “Smishing Triad.” The word “smishing” combines “SMS” and “phishing.” It means phishing attacks sent through text messages.

Google found that around 2,500 members coordinated on a public Telegram channel. They recruited new members, shared advice, and maintained the software together. The operation had clear roles:

• A “data broker” group supplied lists of potential victims
• A “spammer” group sent out the scam SMS messages
• A “theft” group used stolen credentials to coordinate attacks

The Result: Shut Down in Hours

The Lighthouse case showed how fast legal action can work. Google requested a temporary restraining order. A court granted it just hours after the complaint was filed.

Google’s general counsel Halimah DeLaine Prado said the Lighthouse operation went “essentially dark” almost immediately. Several Telegram channels run by Lighthouse were deleted or taken down. One message allegedly posted by the criminals said their “cloud server has been blocked due to malicious complaints.”

How These AI Scam Texts Actually Work

Understanding AI scam texts helps you avoid them. Here is the step-by-step playbook these operations use.

Step 1: Build the Fake Sites

Using the phishing kit and AI tools, scammers create fake websites that look exactly like real ones. The AI writes the code, so the copies are convincing and fast to produce.

Step 2: Get the Victim Lists

A data broker group buys or steals lists of phone numbers. These become the targets for the scam campaign.

Step 3: Send the Texts

The spammer group sends out mass AI text message scams. The messages create urgency. Common examples include:

• “Your USPS package is stuck in transit. Click to reschedule delivery.”
• “You have an unpaid toll. Pay now to avoid a fine.”
• “Your account has been compromised. Verify your identity immediately.”

Step 4: Steal the Data

When you click the link, it takes you to the fake website. The site asks for your login, credit card number, or personal details. The moment you enter them, the scammers steal them.

Step 5: Cash Out

A theft or monetization group uses the stolen credentials. They drain bank accounts, make fraudulent charges, or sell the data to other criminals. They also launder the money to hide the trail.

The whole system runs through encrypted Telegram channels. Members collaborate, sell access to victim data, and share software updates.

Google’s Legal Strategy: Using RICO Against Hackers

The way Google sues Chinese cybercrime group networks is as interesting as the cases themselves. Google chose an aggressive legal weapon.

The RICO Act

Both lawsuits use the Racketeer Influenced and Corrupt Organizations Act, known as RICO.

RICO was created in the 1970s to take down organized crime families like the Mafia. Using it against a digital cybercrime network is a bold move. It signals that Google, and possibly the courts, view these operations as sophisticated criminal enterprises, not random lone hackers.

The Other Legal Claims

Beyond RICO, Google’s complaints include:

• The Lanham Act (trademark infringement, since the scammers impersonate Google’s brand)
• The Computer Fraud and Abuse Act (CFAA)
• Misuse of Google Cloud and Drive services

Google is seeking injunctive relief, which means a court order to shut the operation down entirely.

Why Sue People You Cannot Name?

The defendants are anonymous and likely overseas, beyond the easy reach of U.S. courts. So why sue at all?

The answer is disruption. A lawsuit lets Google get court orders to seize domains, block infrastructure, and pressure the criminal ecosystem. Kevin Gosschalk, CEO of cybersecurity firm Arkose Labs, explained the logic: if there are three major players and you take down the biggest one, “then the other two start second-guessing, ‘Hey, should we be in this business, or should we get out of this business?'”

Google’s move is also about setting a legal precedent. It tests whether a 1970s racketeering law can apply to 21st-century digital crime. And it establishes that AI platforms can be grounds for civil litigation when criminals abuse them.

Working With the FBI and Phone Carriers

The newest Google cybercrime lawsuit is different in another key way. Google is not fighting alone.

A First-of-Its-Kind Partnership

Google’s general counsel said the Outsider case is the first lawsuit where the company is working alongside the FBI and major carriers at the same time.

The partners include:

• The FBI’s Cyber Division, which is taking its own law enforcement actions
• AT&T, T-Mobile, and Verizon, the three largest U.S. carriers, which are blocking Outsider-linked texts before they reach customers
• Lumen Technologies’ Black Lotus Labs, which helped with the technical takedown

This coordinated approach hits the operation from multiple angles at once. Google dismantles the infrastructure. The FBI pursues law enforcement. The carriers block the texts.

Google’s Existing Defenses

Google already blocks a huge amount of fraud automatically. The company says its AI-powered defenses in Google Messages intercept more than 10 billion scam messages globally every month.

Even with that, the Outsider campaign still reached hundreds of thousands of victims. That shows how relentless these operations are and why legal action is needed on top of technical defenses.

The Push for New Anti-Scam Laws

Google knows that lawsuits alone will not end the problem. As DeLaine Prado wrote, “Litigation alone won’t end this.”

So the company is backing new federal legislation. Google announced support for seven bipartisan anti-scam bills, including:

• The National Strategy for Combating Scams Act
• The STOP Scams Against Seniors Act
• The SCAM Act
• The AI PLAN Act (focused on AI-enabled fraud)

These bills aim to form permanent federal task forces, launch public education campaigns, and create lasting protections against AI-driven fraud.

This matters because the scale of the problem is growing. A Pew Research Center survey released in July 2025 found that 73% of U.S. adults reported facing some form of scam contact. AI is making these scams more convincing and harder to detect.

Why This Fight Is Bigger Than Two Lawsuits

The two cases against Lighthouse and Outsider mark a turning point in how technology companies fight crime.

The New Reality of AI Crime

For years, experts warned that AI could supercharge scams. These lawsuits show that warning coming true. Google’s own Threat Intelligence Group reported catching the first zero-day exploit built with AI assistance, attributed to Chinese and North Korean groups.

White House officials have noted growing alarm about AI’s potential to power scam operations. The Outsider case is the clearest example yet of criminals using mainstream AI tools as part of their supply chain.

What Google Is Really Doing

Google’s strategy combines three forces:

1. Technical defense (blocking 10 billion scam texts a month)
2. Legal action (RICO lawsuits to dismantle infrastructure)
3. Policy advocacy (backing federal anti-scam laws)

As DeLaine Prado summed it up: “By combining powerful security defenses with aggressive legal action, we’re fighting against scammers and working to build a safer internet for everyone.”

The question now is whether courts will agree that a Mafia-era law fits a modern AI crime wave. If they do, expect more tech companies to follow Google’s playbook.

How to Protect Yourself From AI Scam Texts

While Google fights in court, you can protect yourself right now. Here are the key rules.

1. Never click links in unexpected texts. Real companies rarely send urgent links about packages, tolls, or account problems out of the blue.
2. Check the source directly. If you get a USPS or toll text, go to the official website yourself. Do not use the link in the message.
3. Watch for urgency. Scams create panic to make you act fast. “Verify now or lose access” is a red flag.
4. Look at the URL. Fake sites often use odd web addresses that do not match the real brand.
5. Never enter card or login details from a text link. Legitimate businesses do not collect sensitive data this way.
6. Report spam texts. On Android and iPhone, you can report and block junk texts. Your reports help carriers and Google spot new campaigns.
7. Enable spam protection. Google Messages and most carriers offer built-in spam filtering. Turn it on.

FREQUENTLY ASKED QUESTIONS

Why did Google sue a Chinese cybercrime operation?

Google sued to dismantle the infrastructure behind massive text message scams. On June 12, 2026, it sued the Outsider Enterprise for using AI, including Google’s Gemini, to build phishing sites and send 2.5 million scam texts. Google wants a court order to shut the operation down and to set a legal precedent against AI-powered fraud.

What is the Outsider Enterprise?

The Outsider Enterprise is a China-based cybercrime network that runs a phishing-as-a-service platform. It sells scam kits for $88 per week or $200 per month, letting low-skill criminals create fake websites using AI tools like Gemini. Google says the group built over 9,000 fake sites and scammed hundreds of thousands of victims out of millions of dollars.

How did scammers use Gemini AI?

Scammers prompted Gemini with requests that seemed harmless, like building a “gift redemption” page. Gemini generated the website code, which the scammers then loaded into their phishing platform to create fake brand pages. This let people with little technical skill produce convincing fake websites in minutes, scaling up their scam operations dramatically.

What is the Lighthouse cybercrime lawsuit?

The Lighthouse lawsuit was Google’s first major case against a Chinese smishing operation, filed November 12, 2025. Lighthouse sold a phishing kit that compromised between 12.7 million and 115 million US credit cards and affected over 1 million victims across 120 countries. A court shut it down within hours through a temporary restraining order.

What is smishing?

Smishing is a type of phishing scam that uses text messages instead of email. The word combines “SMS” and “phishing.” Scammers send texts that look legitimate, often warning about a stuck package or unpaid toll, to trick people into clicking links and revealing passwords, credit card numbers, or personal information on fake websites.

What are AI-powered phishing attacks?

AI-powered phishing attacks use artificial intelligence to create scam websites and messages at scale. Criminals use AI tools like Gemini to write website code, generate convincing fake pages, and produce mass scam texts. AI lowers the technical barrier, letting low-skill criminals run large operations that were impossible before, making the attacks faster and harder to detect.

How many scam texts did the Outsider Enterprise send?

The Outsider Enterprise sent 2.5 million fraudulent text messages to Android users during a two-week period in May 2026. In that same period, Android users flagged about 55,000 spam texts tied to the campaign, which works out to more than two spam complaints every minute. The group created over 1 million fraudulent URLs.

What brands did the scammers impersonate?

The scammers impersonated trusted brands and agencies including Google, YouTube, the U.S. Postal Service, New York’s E-ZPass toll system, banks, financial institutions, state DMVs, and phone carriers. They recently shifted from fake package and toll alerts toward impersonating telecom carriers, using over 290 prebuilt website templates.

Is Google working with the FBI on this lawsuit?

Yes. The Outsider Enterprise case is the first lawsuit where Google is working alongside the FBI and major carriers at the same time. The FBI’s Cyber Division is taking law enforcement actions, while AT&T, T-Mobile, and Verizon are blocking scam texts. Lumen Technologies’ Black Lotus Labs also helped with the technical takedown.

What is RICO and why is Google using it?

RICO is the Racketeer Influenced and Corrupt Organizations Act, created in the 1970s to dismantle organized crime families like the Mafia. Google uses it against cybercrime networks to treat them as sophisticated criminal enterprises. This aggressive approach lets Google seek court orders to seize domains, block infrastructure, and shut operations down.

How can I protect myself from AI text message scams?

Never click links in unexpected texts. Verify any package, toll, or account alert by going directly to the official website. Watch for urgent language designed to make you panic. Never enter card or login details from a text link. Report and block spam texts, and turn on spam protection in Google Messages or your carrier app.

How much money did these scams steal?

Google estimates the Outsider Enterprise defrauded hundreds of thousands of victims out of millions of dollars. The earlier Lighthouse operation was even larger, compromising between 12.7 million and 115 million credit cards in the US alone and affecting more than 1 million victims across 120 countries.

Did Google’s lawsuit stop the scams?

The Lighthouse lawsuit worked fast. A court granted a temporary restraining order within hours, and the operation went essentially dark with Telegram channels taken down. The Outsider Enterprise case was just filed on June 12, 2026, so the outcome is still developing. Google is coordinating with the FBI and carriers to disrupt the network.

How many scam texts does Google block?

Google says its AI-powered defenses in Google Messages intercept more than 10 billion scam messages globally every month. Despite this, determined operations like the Outsider Enterprise still reach hundreds of thousands of victims, which is why Google combines technical defenses with legal action and support for new laws.

What laws is Google supporting to fight scams?

Google announced support for seven bipartisan anti-scam bills, including the National Strategy for Combating Scams Act, the STOP Scams Against Seniors Act, the SCAM Act, and the AI PLAN Act focused on AI-enabled fraud. These bills aim to create permanent federal task forces, public education campaigns, and lasting protections.

SOURCES & CITATIONS

This article is based on Google’s official complaints, court filings, and verified reporting from credible outlets:

Google Official Sources:

• Google Blog (June 2026): “Combatting AI scams” by Halimah DeLaine Prado, official statements and figures
• Google complaint, Google v. Does 1-25, U.S. District Court for the Southern District of New York

Outsider Enterprise Case (June 2026):

• TechCrunch (June 2026): Operation scale, $88/$200 pricing, victim figures
• The Washington Examiner (June 2026): Gemini misuse details, 75 software updates, Google Drive abuse
• TechTimes (June 2026): Filing date June 12, 2026, carrier impersonation shift
• The Decoder (June 2026): 131 software kits, FBI partnership, brand impersonation list
• CryptoBriefing (June 2026): RICO claims, legal strategy analysis
• Cryptopolitan (June 2026): FBI coordination, Black Lotus Labs, 10 billion blocked messages
• Cybersecurity News (June 2026): 290 prebuilt templates, legal precedent analysis
• Daily Caller (June 2026): FBI statement from Brett Leatherman, Pew Research data

Lighthouse Case (November 2025):

• CNBC (November 2025): Smishing Triad, credit card figures, group structure
• CBS News (November 2025): Exclusive interview with Halimah DeLaine Prado, victim estimates
• The Hacker News (November 2025): Telegram takedown, operation disruption
• Security Affairs (November 2025): RICO, Lanham, CFAA claims, 120 countries
• The Record / Recorded Future News (November 2025): Phishing kit details
• BankInfoSecurity (November 2025): 32,000 USPS phishing sites, 100+ templates

All facts, figures, and quotes are verifiable through the sources listed above or Google’s official channels as of June 13, 2026.