Google just caught its own AI building phishing sites for $1.9B theft ring. Your tools are next.

Google filed a lawsuit on June 12 against a Chinese cybercrime network called Outsider Enterprise.

The twist: they used Google's own Gemini to build the phishing infrastructure.

The FBI says this single operation stole 3.8 million credit cards and caused $1.9 billion in losses since 2023.

How it worked:
- 290+ pre-built phishing templates sold as a service ($88/week)
- Gemini generated the custom code for fake websites
- 2.5 million scam texts sent to Android users in just two weeks
- 9,000 fake sites and over 1 million fraudulent URLs deployed
- Coordinated entirely through Telegram channels

Google's general counsel called it their "first coordinated effort and lawsuit" of this scale.

The FBI seized servers, Shopify storefronts, and $100K in USDT. AT&T, T-Mobile, and Verizon are now blocking scam traffic at the carrier level.

Google is pushing seven bipartisan bills to make AI-powered fraud a federal priority.

Here is the enterprise reality:
- Your AI tools are already being weaponized. Not hypothetically. In production.
- Every model with code generation capabilities is a potential phishing factory.
- If a Chinese crime ring can rent Gemini for $88/week, your competitors can租 your leaked models too.

Audit your AI access controls today. If your teams can generate code with external models without governance, you are one misconfigured API key away from being the next attack vector.

SOURCE: https://blog.google/innovation-and-ai/technology/safety-security/combatting-ai-scams/
VERIFIED: TechCrunch, Engadget, BleepingComputer, Google Blog
SIGNAL: This is the first major lawsuit proving AI models are now criminal infrastructure. CISOs who treat AI governance as optional just got a $1.9B warning.
---