Google Sues Chinese Smishing Network for Weaponizing Gemini AI

Google has filed a federal lawsuit in Manhattan against a Chinese cybercrime operation it accuses of abusing its Gemini AI assistant to power a large-scale smishing campaign targeting U.S. consumers. The network allegedly developed and distributed a phishing-as-a-service (PhaaS) toolkit called Outsider, which uses Gemini to generate fraudulent web pages that mimic trusted institutions like banks, brokerage firms, and mobile carriers. Operators then blast SMS messages impersonating those brands, claiming recipients have brokerage account issues or are eligible for mobile carrier rewards, tricking users into entering credentials and financial data on cloned sites.

The operation has reportedly victimized more than 100,000 people, causing millions of dollars in losses, according to Google. Between November 14, 2025, and April 14, 2026, researchers identified over 9,000 fake websites and 1.59 million fraudulent URLs tied to the service. In a two-week window from May 18 to June 1, 2026 alone, the network sent 2.5 million messages to Android users, with 55,000 flagged as spam. The toolkit is disturbingly accessible: licenses start at just $88 per week, purchasable through a self-service Telegram bot (@OutsiderCodeBot), and include 290+ pre-built templates, real-time keystroke logging, and a campaign performance dashboard.

Google's complaint highlights how the operation weaponized AI by instructing users to prompt Gemini and other AI platforms to generate shell website code, which could be pasted into Outsider to produce polished phishing pages without advanced coding skills. This marks one of the first major legal actions targeting the misuse of commercial AI tools for cybercrime at scale. Google is coordinating with AT&T, T-Mobile, and Verizon to block the malicious messages and is pursuing the case to dismantle the network's infrastructure entirely.

The case underscores the growing convergence of AI and phishing-as-a-service economies. Users who suspect exposure should immediately verify their credentials using a password strength checker, confirm whether their data has appeared in known leaks with an email breach checker, and inspect suspicious links with a WHOIS lookup before clicking. As AI lowers the technical barrier for cybercriminals, proactive personal security hygiene is no longer optional.