Google has filed a lawsuit against a China-based cybercrime network it calls the "Outsider Enterprise," alleging the group used artificial intelligence, including Google's own Gemini, to mass-produce phishing websites and the scam texts that have been flooding American phones. The complaint, filed June 12, 2026, is the first time Google has legally pursued bad actors for misusing Gemini to defraud U.S. consumers, and it lands as the same scammers reportedly pivot from fake package and toll alerts to impersonating phone carriers.
What does Google's lawsuit allege?
According to Google, the operation generated more than 9,000 fake websites and over 1 million fraudulent URLs, impersonating brands and agencies including Google, YouTube, the U.S. Postal Service and New York's E-ZPass toll system. During a two-week stretch in May, Android users flagged roughly 55,000 spam texts tied to the campaign, and Google connected about 2.5 million messages sent in that period to Outsider-generated scam sites.
Google says the group has harmed hundreds of thousands of victims. The Wall Street Journal, which first reported the filing, put the accused losses at $1.9 billion and said the texts increasingly impersonate the phone companies themselves, a shift from the familiar "stuck package" and "unpaid toll" lures.
How did scammers use Gemini?
The lawsuit includes screenshots from tutorial videos allegedly circulated inside the operation that show members prompting Gemini to write the code for fake "gift redemption" pages, then importing that code into a phishing platform. The significant detail is not that the AI did anything exotic. It is that the AI removed the skill barrier.
Building a convincing counterfeit website used to require a coder and time. A chatbot lets a low-skill operator generate thousands of fake pages on demand, each one tweaked to imitate a different brand or agency. That is the mechanism turning a manual craft into an assembly line, and it is why the volume of these texts has climbed so sharply.
Why are these "smishing" scams surging?
Smishing, phishing delivered by SMS text message, works by impersonating a trusted sender and creating urgency, a missed delivery, an overdue toll, a security alert, to pressure you into tapping a link and handing over passwords or card numbers. What changed is the economics. Google and security researchers describe operations like this as "phishing-as-a-service": the earlier "Lighthouse" network that Google sued in November 2025 sold a kit of hundreds of ready-made fake-site templates to would-be scammers.
Generative AI is the next escalation. Where a kit offered fixed templates, a model like Gemini can produce endless custom variations, which both increases volume and helps the messages slip past filters that look for known patterns. The deeper implication is uncomfortable: AI does not just make scammers faster, it lets people with no technical skill run industrial-scale fraud, which is the real reason the "spamosphere" is expanding.
How is the crackdown organized?
Google is not acting alone. It is coordinating with the FBI, which is expected to take law enforcement action, and with the major carriers AT&T, T-Mobile and Verizon to block the messages at the network level. The suit is aimed at dismantling the group's infrastructure rather than simply winning damages, the same playbook Google used against Lighthouse. It also puts Google in the unusual position of suing people for abusing a product it sells, an early test of whether AI companies can police the misuse of their own tools.
How can you protect yourself?
The practical advice has not changed, only grown more urgent. Treat any unexpected text about a package, a toll, a refund, or now your phone carrier as suspicious. Do not tap links inside such messages, and never enter passwords or card details on a page you reached from a text. If you think a notice might be real, go to the company's official app or website directly instead of using the link. On Android and iPhone you can report and block scam texts, which is part of how Google detected this campaign in the first place.
Frequently Asked Questions
Who is Google suing and why?
Google is suing a China-based cybercrime network it calls the "Outsider Enterprise," alleging it used AI tools including Google's Gemini to build phishing websites and send scam texts impersonating Google, the USPS and toll services. It is the first time Google has taken legal action over misuse of Gemini against U.S. consumers.
How did the scammers use Gemini?
According to the complaint, members prompted Gemini to generate the code for fake "gift redemption" and brand-impersonation pages, then loaded that code into a phishing platform. AI let low-skill operators mass-produce convincing fake sites, lowering the barrier to running large scam campaigns.
How big was the operation?
Google links the group to more than 9,000 fake websites and over 1 million fraudulent URLs, and connected about 2.5 million scam messages to its infrastructure during a two-week period in May. The Wall Street Journal reported accused losses totaling $1.9 billion.
How can I avoid text-message (smishing) scams?
Do not tap links in unexpected texts about packages, tolls, refunds or your carrier, and never enter passwords or card numbers on a page opened from a text. Verify notices through the company's official app or website, and report and block suspicious messages on your phone.
ⓒ 2026 TECHTIMES.com All rights reserved. Do not reproduce without permission.
