Google sues Chinese cybercriminal group using Gemini for phishing

Google has filed a lawsuit against a Chinese cybercriminal group Outsider Enterprise — which used AI, including Gemini itself, to create phishing websites and mass-distribute fraudulent SMS messages to Android users.

What the group did

Outsider Enterprise built a full-fledged digital fraud factory based on generative AI. The group used Google Gemini to automatically generate phishing web pages — exact copies of official Google resources and other well-known brands. Thanks to AI, the speed of creating such sites increased dramatically: what previously took days now takes minutes.

In parallel, the operation included an aggressive SMS spoofing campaign. Over two weeks, the fraudsters distributed 2.5 million fake text messages to Android users — each appearing as an official notification from Google or another major company. The goal is standard: force a user to click a link, enter credentials, or download malicious software.

What makes this story particularly telling is that the group used Gemini itself — a tool from the very company now suing them. This starkly demonstrates how easily publicly available AI tools are weaponized against the organizations that developed them.

Google's legal strategy

The company filed suit on Friday, seeking complete dismantling of Outsider Enterprise's infrastructure. The demands include:

• transfer control of all domains involved in phishing to Google
• shutdown of servers and accounts used by the group
• prohibition on further use of Google products and platforms by its members
• recovery of damages for the company and affected users
• public establishment of responsibility for specific individuals

Lawsuits are part of Google's consistent strategy in fighting large-scale fraud. Criminal prosecution in international cases is slow and unpredictable, whereas civil lawsuits allow faster domain seizure and infrastructure freezing. Moreover, each successful case sets a precedent that complicates operations for subsequent groups — at least in jurisdictions where Google can actually recover damages.

Why AI is convenient for fraudsters

Using Gemini for phishing is a telling example of the systemic challenge facing all major AI companies. Generative models can create convincing text, logos, website structure, and navigation — exactly what's needed for plausible brand imitation. Previously, a quality phishing site required either serious technical skills or hiring specialists. Today it's a matter of a few prompts. The barrier to entry for fraudsters has dropped sharply, while the credibility of attacks has increased.

Google and other AI developers are implementing increasingly strict restrictions on dangerous scenarios. But criminal groups adapt quickly: they use multiple tools simultaneously, apply AI only at specific stages of an attack, or seek out models with less strict moderation.

What this means

Lawsuits are an important but insufficient response. While one group is dismantled, others modify their schemes and continue operating. Real progress requires AI companies not only to react to incidents, but to have built-in abuse detection mechanisms — before the scale of damage reaches millions of affected users.