RSS

FBI disrupts AI-powered phishing service using a million URLs

devonnull3 pts0 comments

FBI disrupts massive AI-powered phishing service using a million URLs

Home<br>News<br>Security<br>FBI disrupts massive AI-powered phishing service using a million URLs

FBI disrupts massive AI-powered phishing service using a million URLs

By Bill Toulas

June 14, 2026

10:36 AM

In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-as-a-service operation called Outsider Enterprise with thousands of phishing websites used to steal credit card data and passwords.

The cybercrime operation used AI and distributed phishing kits for campaigns impersonating various trusted brands in texts sent through AT&T, T-Mobile, and Verizon.

Outsider Enterprise has been active since at least 2023 and operated at a massive scale, with Google linking to it 9,000 fake websites and more than a million fraudulent URLs.

Authorities believe that phishing campaigns powered by Outsider Enterprise led to stealing more than 3.8 million credit card records, causing an estimated $1.9 billion in losses.

Action part of Operation Riptide

The action against Outsider Enterprise has technical and legal components and is part of the FBI's larger Operation Riptide that targets cybercrime activity and infrastructure.

During the technical takedown, the FBI and partners seized multiple administration servers, a Shopify e-commerce storefront, and an account the threat actor used to test the phishing service.

The agency also seized around $100,000 USDT from Outsider payment wallets. Thousands of phishing domains that the threat actor registered at U.S. providers are now redirecting to an FBI splash page.

FBI seizes site used by Outside Enterprise phishing-as-a-service<br>source: FBI

The agency also took over a Telegram bot linked to Outsider Enterprise that contained information on customers of the phishing service.

According to Google, the AI-assisted phishing operation has impacted hundreds of thousands of users worldwide.

The tech giant has filed a civil lawsuit targeting the operation&rsquo;s infrastructure, and is coordinating with telecommunications service providers AT&T, T-Mobile, and Verizon to block fraudulent messages before they reach to subscribers.

&ldquo;Our civil lawsuit targets an organized cybercrime operation known as the 'Outsider Enterprise'. Based in China and coordinating through Telegram, this network distributes "phishing kits" that allow criminals to blast out fake text campaigns that look like they&rsquo;re from Google and other trusted brands," Google says.

Over a two-week period in May, Google says that a total of 2.5 million SMS messages were sent to Android users from the Outsider Enterprise infrastructure. Android users flagged 55,000 of them as fraudulent.

The company estimates that hundreds of thousands of victims lost millions to these scams.

Google is using this opportunity "to combine aggressive legal action and collaboration with federal and state governments" and is advocating for seven bipartisan U.S. anti-scam bills, including the Stop SCAMS Act, to strengthen legal protections against AI-enabled fraud.

The Stop SCAMS Act would require the FBI to lead a coordinated national anti-scam strategy, bringing together federal agencies, law enforcement, and private companies to better track, disrupt, and prevent fraud and scam operations.

In the meantime, Google underlined that Android users are protected from these threats by AI-powered defenses.

The defenses support scam detection on Android that warns users about suspicious calls, and messaging protections that block more than 10 billion malicious messages every month.

For organizations struggling with phishing, business email compromise (BEC), and account takeover attacks, BleepingComputer is hosting a webinar on July 8 titled "Stop chasing alerts: Automating email security with behavioral AI."

The webinar will explore how behavioral AI can help security teams automate detection, investigation, and remediation workflows to reduce alert fatigue, accelerate response times, and improve resilience against modern email threats.

Test every layer before attackers do

Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.<br>The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.

Get the whitepaper

Related Articles:

California AG sues 23andMe over 2023 breach exposing health data<br>BTMOB Android malware service generates custom phishing payloads<br>Hackers abuse Google ads for GoDaddy ManageWP login phishing<br>New Bluekit phishing service includes an AI assistant, 40 templates<br>Canada arrests three for operating &ldquo;SMS blaster&rdquo; device in Toronto

Google

Lawsuits

Legal

Mobile

Phishing

Phishing Kit

Smishing

Bill Toulas

Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering...

phishing service google outsider enterprise million

Related Articles

The Newest Instagram "Exploit" Is the Goofiest I've Seen

ssiddharth34 ptsaccount attacker email instagram seen like

Apple WWDC 2026 Livestream

nextstep32 ptsapple stream video event live feed

Claude Fable 5

Philpax30 ptsfable claude mythos model models capabilities

US Government directive to suspend access to Fable 5 and Mythos 5

Dylan131224 ptsfable government anthropic jailbreak access mythos

It's Not Just X. It's Y

mooreds21 ptslanguage model writing like grammarly human
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.