Fraud Management & Cybercrime
,
Litigation
,
Social Engineering
Complaint Says Service Generated More Than 1.5 Million Malicious URLs

Google has sued a Chinese phishing-as-a-service provider Friday for providing tools and crash courses for using the company’s artificial intelligence product to create more than a million scam websites.
See Also: Partnering with Law Enforcement: Response and Investigative Strategies
The cybercrime group used Google’s AI coding agent Gemini to refine and customize phishing sites so they look as real as the original, tricking victims to input their credit card information, account credentials and other personal data, the company said.
New York District Judge Victor Marrero has approved Google’s emergency request to block the phishing operation Friday after finding the phishing attacks have defrauded over 100,000 victims and numerous businesses, including New York’s E-ZPass program and the New York City government.
“In late 2025, phishing attacks generated using AI reportedly increased more than fourteenfold and now account for over half of all reported phishing incidents,” Google said in the complaint.
The lawsuit comes amid the rapid growth of Chinese-language phishing services. Google’s security researchers say the use of AI is not a feature to one cybercrime group but an evolution happening across the Chinese-language phishing ecosystem.
Scam texts enabled by these services have flooded phones globally, with one prominent operation, tracked as Darcula or Magic Cat, accounting for 80% of all phishing texts in the United States, according to Google’s lawsuit against the group last year.
In this latest showdown, the Chinese phishers are said to provide a malicious software suite named “Outsider” that offers more than 290 pre-built templates that mimic the legitimate websites of financial services providers, phone service providers, government agencies and retailers.
For a subscription fee as low as $88 a week, the toolkit is a one-stop shop for creating fraudulent websites, launching phishing campaigns and capturing victim information, Google said.
On top of traditional plug-and-play capabilities, the phishing software can ingest AI-generated code for a shell website and transform that shell into a fully functioning scam website that’s made to order. This means there can be limitless variations of the hundreds of pre-built templates.
It’s no problem if a client doesn’t know how to use AI – the phishing vendor gives step-by-step instructions on how to use Gemini in a tutorial video, Google said.
Scammers start by asking Gemini to create a website in the same style as the template they give it, a prompt that looks like an innocent request for programming assistance.
“Please help me generate a gift redemption page in the same style. It needs 6 product, of which 5 do not have enough points to be redeemed,” a sample prompt attached in Google’s complaint read. “Do not use JS code, and make the page look more gorgeous and beautiful.”
Once Gemini generates the code, the output is pasted into the phishing platform’s “custom template” editor where the fraudulent site in the making can be further edited, such as inserting images of products or logos saved from the Internet onto the page to look more credible.
The sophisticated yet easy-to-use phishing tool allows people with no technical knowledge to launch polished and legitimate-looking sites at scale.
“In the five-month period from November 14, 2025, to April 14, 2026, alone, Google detected more than 1.59 million URLs linked to the Outsider Enterprise,” the complaint said.
The scam service provider continues to offer customer support after a phishing site is launched, Google said. Its associates are tasked with sending the malicious web link to potential victims via Apple iMessage, Google Messages and other modern messaging methods that transmit high-resolution photos and videos through Wi-Fi and support functions like dotted typing signals and read receipts.
Google’s cybercrime investigation team said it found 2.6 million messages sent via Google Messages containing links to the phishing group’s websites in a two-week period from May 18 to June 1.
Rather than alerting about missing packages or overdue highway tolls, these scams lure victims by purporting that there are problems with their stock brokerage accounts or that rewards points from their mobile carriers are about to expire.
Scammers can track the impact of their campaigns on the same software platform, where a dashboard displays real-time metrics such as how many people visited their phishing site and provided personal data.
To bypass multifactor authentication, these phishing sites display fake MFA pages that prompt users to get authentication codes. Attackers use the stolen credentials to log into the victim’s account in real time, trigger an MFA code from the legitimate institution and then trick the user into providing that code to the fake site.
The stolen information can be used in many ways, such as adding payment cards into digital wallets to make unauthorized purchases or using compromised brokerage accounts to buy targeted stocks, artificially driving up their price so scammers can profit by selling their own holdings.
In response, New York’s Southern District Court has issued a temporary restraining order barring the phishing service provider from continuing its operations worldwide.
