Alphabet Inc.’s Google has sued a suspected Chinese cybercrime operation, accusing the group of using artificial intelligence to send more than 2.5 mn fraudulent text messages to Android users.
The lawsuit targets a network known as Outsider Enterprise. Google said the organization targeted hundreds of thousands of people in the U.S. by sending scam links designed to steal personal information.
According to the complaint filed on Friday, the group sent 2.5 mn messages over a two-week period in May. Those messages contained links to websites generated by Outsider Enterprise and designed to imitate trusted online brands.
Google said the cybercrime network used Telegram to coordinate its activity, Bloomberg notes. The messages appeared to come from Google and other familiar digital companies, making the scams harder for ordinary users to detect during routine phone use.
The texts used urgent account warnings and package-tracking alerts to push users into clicking links. Once users opened the link, they landed on fake websites requesting confidential information.
Google said artificial intelligence helped the operation scale. The complaint alleges scammers encouraged each other to use Google’s Gemini chatbot to write custom code for malicious websites.
The filing did not provide an estimated financial loss tied to the spam campaign. Google said the wider network involved 9,000 fake websites and more than 1 mn fraudulent URLs.
The company said it worked with AT&T Inc., T-Mobile US Inc., and Verizon Communications Inc. to block the messages before they reached potential victims. That cooperation shows how telecom operators now sit directly inside anti-fraud response when text scams scale across mobile networks.
As cybercriminals increasingly leverage advanced technologies like AI to execute sophisticated text-messaging scams, defeating these threats requires a unified, cross-industry response.
Nasrin Rezai, chief information security officer at Verizon
Verizon plans to work with Google, the telecom industry, and federal law enforcement to dismantle malicious domains and disrupt global cybercrime operations.
According to Beinsure analysts, the case shows how AI lowers the operating cost of phishing and smishing campaigns. Criminal groups no longer need large technical teams to generate code, copy trusted brands, localize messages, and rotate fake domains at speed.
For cyber insurers, the lawsuit adds another signal about AI-assisted social engineering risk. The exposure sits across consumer fraud, telecom abuse, brand impersonation, identity theft, and potential liability for companies whose tools or platforms appear inside criminal workflows.
