Google has filed a federal lawsuit targeting Outsider Enterprise, an alleged Chinese cybercrime syndicate accused of deploying artificial intelligence to orchestrate a massive, global phishing operation. The tech giant alleges the network scammed hundreds of thousands of victims and caused financial losses estimated at nearly two billion dollars. According to court documents, the syndicate markets a subscription-based phishing platform, also named Outsider, priced at eighty-eight dollars per week or two hundred dollars monthly. The software leverages generative AI, including Google’s Gemini model, to automatically construct fraudulent websites that replicate legitimate telecom, financial, and retail services. Google notes the platform provides nearly three hundred pre-built templates, automated code-generation guides, and campaign-tracking dashboards, effectively lowering the technical barrier for cybercriminals. The syndicate coordinates recruitment, strategy, and training through uncoded Telegram channels. The operation’s reach has been extensive. In a recent two-week window alone, Google detected nine thousand malicious domains and one million fraudulent URLs linked to the group, which distributed approximately 2.5 million scam text messages to Android users. During that period, fifty-five thousand users independently flagged the messages as spam. Google accuses the operators of illicitly utilizing Google Drive and Google Cloud infrastructure to host their phishing campaigns. In response, Google has deployed counter-AI detection systems that intercept more than ten billion suspected fraudulent communications monthly. The company has partnered with major US carriers, including AT&T, T-Mobile, and Verizon, to block malicious SMS traffic at the network level. Google is also coordinating directly with the Federal Bureau of Investigation. An FBI spokesperson confirmed that, alongside industry partner Lumen’s Black Lotus Labs, the bureau seized multiple domains and Shopify accounts tied to the syndicate’s testing infrastructure since July 2023. Authorities estimate the network has exfiltrated at least 3.87 million payment card credentials from financial institutions across ninety-five countries. Google’s complaint details a highly segmented criminal ecosystem. The network comprises distinct factions responsible for software development, victim targeting through purchased data lists, bulk messaging infrastructure including smartphone banks and SIM clusters, and financial laundering. The company alleges the syndicate engaged in wire fraud, racketeering, copyright infringement, and false advertising by impersonating its brands. Google is seeking compensatory and punitive damages, alongside a permanent injunction to dismantle the operation. The case underscores the accelerating arms race between tech platforms and organized cybercriminal enterprises leveraging accessible generative AI tools.