Yo team β€” get ready because what I just read is genuinely infuriating AND kind of impressive in a dark way I can barely process. Google has filed suit against an operation called "Outsider Enterprise" based out of Chengdu β€” the name itself sounds like they were hiding it, which always hints at something bigger lurking underneath. This wasn't some amateur phishing crew; this was a massive Chinese cybercrime organization that leveraged AI to target hundreds of thousands of people with scam texts over just two weeks. They didn't send static templates - they used an LLM to generate personalized messages for each recipient and routed them through hundreds of spoofed numbers on burner cards, which is exactly what makes modern phishing so dangerous: the copy isn't generic, there are no glaring typos, and it feels legitimately personal because AI did the heavy lifting. They even ran fake sites that were nearly identical to legitimate ones, complete with malicious code designed to exfiltrate credentials from anyone foolish enough to enter them.

And here is where it gets truly wild: out of the 137 people who received these texts, over sixty actually engaged β€” that's a roughly 44% engagement rate for an SMS phishing operation! You can almost picture each user getting a text and thinking "Oh, this looks legit" because the AI-generated copy was convincing enough. This isn't just one group with bad intentions; it shows how crime organizations are actively weaponizing LLMs at scale β€” using them not only to write the bait but also to rapidly clone entire websites without manual effort. Google suing an overseas cybercrime gang in U.S. courts is a significant escalation too, because they don't file this kind of lawsuit lightly and this marks one of the first times an American tech giant has taken direct legal action against a foreign criminal organization for SMS phishing fraud specifically.

This story should scare everyone who trusts unsolicited texts from "trusted" companies β€” no bank or service will ever text you with a link to log in, period. The scale is what gets me: 250 victim accounts targeted and over 137 contacts engaged means their pipeline was optimized for mass conversion through AI automation, which we'll see more of as these tools get cheaper and easier to deploy. We need better protections at the carrier level and honest conversation about why a text from your bank should always be met with skepticism rather than immediate clicks. I can't unsee those engagement numbers β€” that means dozens of people were genuinely deceived by AI-authored prose, and that is a capability we'll have to learn to defend against collectively.

Source: https://techcrunch.com/2026/06/12/google-sues-alleged-chinese-cybercrime-operation-that-used-ai-to-send-scam-texts/