Chinese cybercrime operation that used AI to scam 'hundreds of thousands of victims' sued by Google
Google has filed a lawsuit to dismantle the infrastructure behind an alleged Chinese cybercrime operation called Outsider Enterprise, which it says used AI to scam hundreds of thousands of victims. According to Google, the group sent 2.5 million scam texts to Android users in a two-week period, deployed 9,000 fake websites and one million fraudulent domains, and impersonated Google and other brands to steal passwords and credit card details. Google is coordinating with the FBI and major US carriers, and the FBI says the group's phishing platform enabled the theft of an estimated 3.87 million credit cards since July 2023.
Key Takeaways
- Google sued to dismantle infrastructure behind an alleged Chinese cybercrime network called Outsider Enterprise.
- Google says the group used AI to scam hundreds of thousands of victims, with losses estimated in the millions.
- The operation allegedly deployed 9,000 fake websites, one million fraudulent domains, and 2.5 million texts to Android users in two weeks.
- Outsider is sold as turn-key phishing software costing $88 per week or $200 per month, with more than 290 pre-built templates.
- Google says criminals used AI platforms, including Google's own Gemini, to help build fake sites.
- The FBI says the phishing platform enabled theft of an estimated 3,870,000 credit cards and about $1.9 billion in losses since July 2023.
Stats & Key Facts
- 2.5 million scam texts sent to Android users in a two-week period.
- 9,000 fake websites deployed.
- One million fraudulent web domains.
- 55,000 spam texts flagged by Android users in two weeks in May, more than two complaints a minute.
- More than 10 billion scam messages intercepted a month by Google.
- Outsider software costs $88 per week or $200 per month.
The lawsuit and its target
Google is moving to shut down the operation's infrastructure.
- Google announced the lawsuit on Friday against the alleged network Outsider Enterprise.
- Google describes the group as foreign-based cybercriminals whose real identities are unknown.
- The group is alleged to send scam texts impersonating Google and other brands to steal passwords and credit card numbers.
Google says the operation has financially scammed hundreds of thousands of victims, with losses estimated in the millions. The company is using the lawsuit to dismantle the infrastructure behind what it calls a massive AI-powered cybercrime operation.
In the complaint filed as part of the lawsuit, Google laid out the evidence it gathered against the people involved, whom it described as foreign-based cybercriminals with unknown real identities. According to the complaint, the group built, maintains, and uses a turn-key online software suite that enables criminals, regardless of technical skill, to publish fraudulent websites designed to rob victims.
Scale of the operation
Google cited large numbers to describe the scope.
- The group deployed 9,000 fake websites and one million fraudulent web domains.
- It sent 2.5 million texts to Android users in a two-week period.
- 55,000 spam texts were flagged by Android users in just two weeks this past May, more than two complaints a minute.
Google said it uses AI-powered tools to fight AI-powered scams, which lets it detect scams and alert users to suspicious calls and texts. The company said this leads to the interception of more than 10 billion scam messages a month.
How the Outsider software works
Google describes Outsider as phishing-for-dummies software.
- The software costs $88 per week or $200 per month.
- It lets operators create fake websites with the help of AI platforms, including Google's own Gemini.
- It offers more than 290 pre-built templates that generate replicas of real websites in minutes.
- It includes guides on how to weaponize AI-generated code and a dashboard to track phishing progress.
The fake sites impersonate telecom providers, financial institutions, government agencies, and retailers. Criminals lure victims with malicious texts or paid ads, then capture passwords, multi-factor codes, and financial information that victims enter, with the data transmitted through Outsider's platform in real time.
How the criminals collaborate
The operation is structured to be accessible to non-experts.
- People with limited technical skill can buy the software and run phishing attacks.
- Buyers meet other members who are proficient in different areas.
- The group coordinates in open, largely uncoded discussions on Telegram.
According to Google, members use Telegram channels to collaborate, train each other, discuss strategies, and develop phishing attacks. Google said the enterprise brazenly coordinates its efforts in the open.
Law enforcement and carrier response
Google is working with carriers and the FBI.
- Google said it has collaborated with AT&T, T-Mobile, and Verizon to block scam texts.
- Google is coordinating with the FBI.
- The FBI, with Google and Lumen's Black Lotus Labs, seized several domains, Shopify storefronts, and accounts used to test the phishing service.
An FBI spokesperson told TechCrunch that since July 2023 the phishing platform enabled cybercriminals to steal at least an estimated 3,870,000 credit cards, with a corresponding estimated $1.9 billion in losses.
Frequently Asked Questions
Who is Google suing?
Google is suing an alleged Chinese cybercrime network it calls Outsider Enterprise, describing the members as foreign-based cybercriminals whose real identities are unknown.
How did the group use AI?
Google says the group used AI to power its scam campaigns and that its Outsider software lets operators build fake websites with the help of AI platforms, including Google's own Gemini, along with guides on weaponizing AI-generated code.
How big was the operation?
Google says the group deployed 9,000 fake websites and one million fraudulent domains and sent 2.5 million texts to Android users in two weeks, scamming hundreds of thousands of victims with losses estimated in the millions.
How much did the Outsider software cost?
Google says the turn-key software cost $88 per week or $200 per month and offered more than 290 pre-built templates that generate replicas of real websites in minutes.
Who is involved in the response?
Google is coordinating with the FBI and working with AT&T, T-Mobile, and Verizon. The FBI, with Google and Lumen's Black Lotus Labs, seized several domains, Shopify storefronts, and test accounts.
Google's lawsuit and the related FBI action aim to disrupt an AI-assisted phishing operation tied to large-scale credit card theft.