2026-07-02 · ← Radar
Google’s Outsider Enterprise lawsuit shows how cheap AI scams can scale
Google has filed a lawsuit against the alleged China-based cybercrime network Outsider Enterprise. The company says the group abused AI tools, including Gemini, to build phishing sites and scam infrastructure impersonating Google, YouTube, postal services, banks, DMVs and toll agencies.
Gemini appears in the complaint as a cheap phishing factory
Public descriptions of the lawsuit say the group operated through Telegram and offered phishing-as-a-service with ready-made templates. Google and follow-on reports cite more than 9,000 fake websites, 1 million fraudulent URLs and losses estimated in the millions of dollars.
The sharpest number is distribution speed. Google links Outsider Enterprise infrastructure to 2.5 million messages sent to Android users during a two week period in May 2026. Users flagged 55,000 spam texts in the same period.
The security problem moves from the model to the assembly line
For security teams, the important point is that Gemini is not described as an autonomous hacker. It is a productivity tool in the hands of a group that already has channels, templates, affiliates and infrastructure.
That is more uncomfortable than a simple debate about whether a model can cause harm. The real effect appears when AI reduces repetitive work: code generation, template rewrites, localization and fast deployment of variants for different brands.
A lawsuit can break infrastructure, but not demand for cheap fraud
Legal action can disrupt specific infrastructure and give Google leverage over domains, accounts or providers. It does not remove the core economics. If AI shortens the path from idea to usable scam page, similar networks can be rebuilt.
That also complicates vendor messaging. Google says it uses AI-powered tools against AI-powered scams and intercepts more than 10 billion scam messages a month. That is necessary, but it also shows the industrial scale of the attack surface.
Takedown speed will matter more than safety slogans
The next signals are the number of domains blocked, the speed of account shutdowns and whether the same template set reappears under another name. Cooperation with carriers and platforms will matter too, because smishing is not a single-model problem.
AI abuse will not be measured only by what a model refuses in a prompt. It will be measured by how many finished scam pages reach a victim’s phone.
Lilith's verdict
The lawsuit is a fire extinguisher, not fire prevention. As long as one operator with Telegram and a model can fill the street with fake storefronts, security teams will count broken windows by the thousand.
I keep the external link at the end. First, a concise explanation here — no hunting across someone else's site.
Original source ↗ ↗