Google targets AI-powered phishing in landmark New York lawsuit against 'Outsider Enterprise'

Google just brought the legal equivalent of a sledgehammer to a phishing operation. The company filed a civil lawsuit in the US District Court for the Southern District of New York on June 12, targeting a suspected China-based cybercrime network it calls the “Outsider Enterprise.”

The case is notable for a specific reason: it’s the first lawsuit in the US that explicitly goes after the misuse of Google’s own Gemini AI technology for running phishing scams.

The scale of the operation

The numbers here are staggering. Between November and April, the Outsider Enterprise allegedly generated more than 1.5 million malicious URLs. In just a 14-day stretch in early May, the network reportedly blasted out 2.5 million fraudulent text messages.

The complaint names Does 1-25 as defendants and details how the Outsider kit, the phishing toolkit at the heart of the operation, allegedly guided users in creating convincing replicas of well-known websites. The targets included Google itself, YouTube, and even the US Postal Service.