TL;DR
– Outsider Enterprise ran a phishing-as-a-service operation priced at $88/week, powered by Google’s Gemini AI. FBI numbers connect it to a significant number of stolen credit cards and substantial financial losses.
– Google filed suit in the Southern District of New York against unnamed defendants. They want damages and a permanent injunction.
– The toolkit shipped with 290+ ready-made templates impersonating banks, carriers, and government agencies. During a single two-week stretch, it pushed a large volume of scam texts to Android phones.
– Google claims it already catches a significant number of scam messages every month and teamed up with AT&T, T-Mobile, and Verizon on interception. That’s a floor, not a ceiling.
—
Google walked into federal court and sued a cybercrime group called Outsider Enterprise. The complaint reads like something a screenwriter would pitch and get laughed out of the room for. These criminals took Google’s own Gemini model and used it to mass-produce phishing websites. Industrial scale.
The FBI pegs the damage at a significant number of stolen credit cards and substantial financial losses.
The subscription price?
Less than I pay for Notion.
First time Google has gone after anyone for weaponizing Gemini specifically.
That detail matters more than people realize.
If your business sends emails, texts, payment links, or really anything customer-facing, this changes what you need to worry about. Here’s the breakdown.
How Phishing Became a SaaS Product
Google’s filing calls Outsider Enterprise a “turn-key, online software suite.” Which is corporate-speak for: they made phishing stupid easy.
You pay. You pick a template. You’re done. No code, no DNS config, no late nights fighting with Let’s Encrypt certificates. Just 290-plus pre-built designs that clone banks, phone companies, government portals, and retail brands. They even shipped instruction manuals. Honestly, the polish on this thing would impress a legitimate startup founder. Wrong kind of polish, but still.
The AI piece is what makes it gut-punching.
Outsider used Gemini itself to write phishing site code and generate convincing page content. Google built the model. Criminals used the model to build fake Google sign-in pages. Those fake pages harvested credentials from Google’s actual users. Three layers deep and none of it consensual.
When someone typed their password and MFA code into one of these replica sites, everything transmitted straight to the operator in real time. No lag. No manual collection step. The complaint also says they hosted chunks of this operation on Google Drive and Google Cloud.
I’ll let that sink in for a second.
Side note: the fact that nobody at Google caught Drive/Cloud abuse patterns for months is… a thing.
Not a great thing.
Outsider blasted a large volume of scam SMS messages at Android users in two weeks. Over a recent period, Google spotted a significant number of URLs connected to the ring.
They’d spun up roughly 9,000 fake websites and a significant number of fraudulent domains.
Let that number sit.
The Math on Financial Theft
This is the part that keeps me up.
Google’s own filing references a significant number of payment cards across multiple countries. But the FBI’s wider investigation traces it to a large number of cards and substantial financial losses. Those are federal numbers, not Google PR.
I don’t know how to make this feel real.
Tbh, billion-dollar fraud stats kind of wash over you after a while. They’re abstract. So let’s zoom in. Outsider Enterprise gave anyone with $88 and basic literacy the ability to clone a bank’s login page well enough to fool a careful person. The clone loads fast. The copy reads naturally because Gemini wrote it. The domain looks plausible. Your customer types their credentials. Game over.
That’s what changed. Phishing used to require a skill stack — HTML, DNS, hosting, some social engineering chops. Now it requires a debit card and a free Saturday.
And when the cost of attacking drops this hard, the volume explodes.
Google says they’re already blocking a significant number of scam messages monthly. And it isn’t enough. Obviously isn’t enough, as we’re sitting here talking about a billion-dollar fraud operation that ran unchecked for nearly three years.
Why Small Businesses Can’t Ignore This
If you operate a small or mid-sized business, listen. You’re not collateral damage in this story. You’re the product.
Scammers don’t just impersonate Chase and Verizon. They impersonate you. Your domain. Your sender name. Your support tone. When a phishing kit packs 290+ templates and AI-generated text that mirrors how your actual support team writes, your customers can’t tell the difference. They get burned. You get the blame.
Your review profile takes hits you’ll never recover.
Carriers are fighting back. Google’s working with AT&T, T-Mobile, and Verizon on interception. But Google themselves admit they block a significant number of scam messages monthly and still found a significant number of phishing URLs across a recent period. Defense is sprinting. Offense is jogging. Gap keeps widening.
So what do you actually do?
A few things. None optional.
Figure out what your customer communications look like from the outside.
If you send payment links via SMS, receipts via email, or support messages through any channel, write down what’s legitimate and what’s not. Then educate your customers. Two lines on every receipt. A pinned FAQ. That’s free.
Set up DMARC on your domain. Today. It costs nothing and it stops spoofed emails from reaching inboxes pretending to be you. Most small businesses haven’t done this. I checked ours six months ago and it wasn’t configured. Embarrassing but fixable in about 15 minutes.
Your team needs to understand the template problem. Outsider’s library impersonates financial institutions, telecom providers, government agencies, and retailers with scary accuracy. A login page that looks real isn’t evidence of anything anymore — AI built it from a real template. Second-channel verification before entering credentials. Every single time. No exceptions for “it looked official.”
The Lawsuit That Could Set the Rules
This case is bigger than one crime ring. Google is the first major AI provider to sue criminals for turning its own model into attack infrastructure. They want compensatory damages, punitive damages, and an injunction.
If the court grants that injunction, it creates a playbook. Every AI enterprise (Anthropic, OpenAI, Meta, Mistral) gets a legal template for going after model abuse. That matters.
But let’s not kid ourselves. Courtrooms are slow. The phishing sites are live. The stolen cards are already in dark web markets. The money’s gone. Google’s mopping up. Not building seawalls.
For those of us wiring AI APIs into products daily, the takeaway isn’t subtle. No model provider has shipped guardrails strong enough to stop someone with $88 and bad intentions. The same Gemini API that drafts your landing page copy drafts phishing pages. The same endpoint that runs your support chatbot runs scam SMS at a large volume.
Treat AI-powered phishing as a permanent operational threat. Not a yearly training module. Not something your IT guy handles when he gets around to it. A standing budget line.
The math still favors prevention over breach cleanup, and that gap won’t last forever.
Google v. Outsider Enterprise complaint (DocumentCloud) · TechCrunch coverage · AI Weekly analysis
