Google sues Chinese cybercrime network using AI for financial scams
What's the story
Google has filed a lawsuit against a Chinese cybercrime network called Outsider Enterprise. The tech giant claims that the group uses artificial intelligence (AI) in its operations to send scam text messages impersonating Google and other brands. These messages are designed to steal sensitive information, such as passwords and credit card numbers, from unsuspecting victims.
Cybercrime scale
Group has used over 9,000 fake websites
Outsider Enterprise has been accused of financially scamming "hundreds of thousands of victims," with losses running into millions. The group has used 9,000 fake websites and one million fraudulent web domains in its operations. In just two weeks, they sent 2.5 million texts to Android users, Google said. The company also noted that Android users flagged 55,000 spam texts in just two weeks last May, more than two text spam complaints a minute.
Scam detection
Google is intercepting over 10 billion scam messages every month
Google has been using "AI-powered tools to fight AI-powered scams," enabling the company to detect scams and warn users about suspicious calls/texts. This has helped intercept over 10 billion scam messages a month. The tech giant is working with AT&T, T-Mobile, and Verizon to block these scam texts, and is also coordinating with the FBI on this matter.
Cybercrime crackdown
FBI has seized several domains used by the cybercriminals
An FBI spokesperson told TechCrunch that the bureau, in coordination with Google and Lumen's Black Lotus Labs, has seized several domains used by the cybercriminals. This includes Shopify storefronts and accounts used to test the operation's phishing service. Since July 2023, Outsider Enterprise's phishing platform has allowed cybercriminals to steal an estimated 3.87 million credit cards and caused losses worth about $1.9 billion.
Phishing platform
Outsider Enterprise developed phishing software
In its lawsuit, Google provided evidence against people involved in the Outsider Enterprise operations. The group is said to have developed a "phishing-for-dummies" software called Outsider, which costs $88 per week or $200 per month. This platform allows operators to create fake websites using AI platforms like Google's own Gemini. The fake sites impersonate various services and companies such as telecom providers, financial institutions, government agencies, and retailers.
Scam strategy
Phishing website created using Google tools
The cybercriminals behind Outsider Enterprise use malicious text messages or ads to lure people to these fake websites. Their main aim is to steal passwords, multi-factor codes and financial information. Google also claimed that the cybercriminals have used Google Drive and Google Cloud infrastructure to host their phishing websites. Google wrote in the complaint, "The Outsider software has been used to create over a million phishing websites to swindle innocent victims out of millions of dollars."
Information
Google seeking damages in lawsuit against Outsider Enterprise
Google has accused people behind Outsider Enterprise of impersonating its brands, infringing copyright, racketeering activities, wire fraud, and false advertising. The company is seeking compensatory and punitive damages in the lawsuit. It also wants an order to stop these criminals from continuing their illegal activities.