Google takes legal action against a scam operation that utilized Gemini AI to create fraudulent websites.

      Google has initiated legal action against a suspected Chinese cybercrime group known as the Outsider Enterprise, claiming that the group dispatched over 2.5 million fraudulent text messages to Android users within a two-week span in May. These messages included links to counterfeit websites aimed at stealing personal information, and it is alleged that the scammers utilized Google’s Gemini chatbot to assist in the creation of these sites.

      The lawsuit, initially reported by Bloomberg, states that the group targeted hundreds of thousands of individuals across the United States. Google claims that the operation produced 9,000 phony websites and generated more than one million fraudulent URLs.

      Operational Details

      The Outsider Enterprise communicated via Telegram, sharing links in text messages that pretended to be from Google and other reputable brands. These messages contained urgent notifications about purportedly compromised accounts or package tracking information. Once users clicked on the links, they were directed to websites that solicited confidential information. According to the lawsuit, the scammers encouraged each other to use Gemini to compose the specific code required for developing these malicious sites.

      Escalating Patterns

      This lawsuit represents Google's second significant legal move against text message scam operations based in China within seven months. In November 2025, the company filed a RICO lawsuit against a group referred to as Lighthouse, which was involved in a “phishing-as-a-service” model that sold pre-packaged scam kits. Lighthouse was accused of compromising between 15 million and 100 million credit cards in the U.S. alone, as reported by CNBC. Google stated that a temporary restraining order effectively dissolved Lighthouse within hours of filing the complaint.

      The Outsider Enterprise case follows a similar pattern but introduces a new element: the intentional use of generative AI within the scam infrastructure. While Lighthouse sold phishing kits, members of Outsider allegedly harnessed Gemini to create code for their operations.

      Growing Concerns about AI Misuse

      The claim that scammers utilized Gemini to construct fraudulent platforms is part of a larger trend of AI tools being exploited for cybercrime. Google’s Threat Intelligence Group reported in May 2026 that state-sponsored actors from China, North Korea, and Russia are leveraging AI for vulnerability research, automatic malware development, and supply chain assaults.

      ESET, a cybersecurity firm, identified in February 2026 the first known Android malware that integrated generative AI directly into its execution process. This malware, named PromptSpy, used the Gemini API to independently navigate victim devices.

      The push within the cybersecurity sector for regulated AI has intensified as these incidents proliferate, revealing a clear trend: tools originally designed to aid developers and consumers are being repurposed by criminal enterprises.

      Telecom Industry Involvement

      Google stated that it collaborated with AT&T, T-Mobile, and Verizon to prevent the Outsider Enterprise’s texts from reaching potential victims. Nasrin Rezai, Verizon’s chief information security officer, described the initiative as a collective response across the industry. “We anticipate collaborating with Google, the telecom sector, and federal law enforcement in this coordinated effort to dismantle harmful domains and disrupt global cybercrime activities,” Rezai remarked in a statement. The partnership between a tech company and the three largest U.S. carriers underscores the magnitude of the threat.

      What Remains Unaddressed

      The lawsuit does not provide an estimated total of financial losses resulting from the spam messages, nor does it outline how many victims actually surrendered personal information after interacting with the fraudulent links. Concurrently, regulatory bodies in China have initiated enforcement actions against AI misuse, focusing on deepfakes, fraud, and disinformation. It remains uncertain whether these domestic measures will effectively address operations like the Outsider Enterprise, which allegedly targeted U.S. consumers from China.

      Cautionary Notes

      The figures of 2.5 million messages and 9,000 fake websites are taken from Google's complaint and have not been independently verified. The complaint identifies the defendants as a suspected Chinese operation but does not name specific individuals. Bloomberg serves as the primary source for the details of the lawsuit, and the assertion that scammers used Gemini to generate code for fraudulent websites is derived from the complaint itself, lacking independent confirmation beyond Google's filings.