Google Gemini scam lawsuit targets China phishing ring

Google has sued an alleged China-based cybercrime network, accusing it of using Gemini to draft scam messages, build fake websites and spread phishing links aimed at Android users and other targets.

In its Google Gemini scam lawsuit, the company puts a specific legal frame around a problem security teams have been tracking for months: ordinary AI writing tools are being pulled into high-volume fraud. Outsider Enterprise allegedly ran infrastructure tied to more than 9,000 fake websites and more than 1 million fraudulent URLs, with texts pushing victims towards bogus payment and account pages, Google said.

Filed in federal court in Manhattan, the case targets a group Google says used phishing kits, Telegram channels and automated templates to run scams, Reuters reported. The defendants were not authorised Google users and breached the company’s terms and anti-fraud rules, according to the complaint. Halimah DeLaine Prado, Google’s general counsel, said the suit was meant to cut off the group’s tooling.

“We’re filing a lawsuit to dismantle their infrastructure.”

For Australian readers, the useful takeaway is narrower than the headline might sound. Gemini is not accused of inventing a new type of crime. Google’s claim is that tools built for everyday text and code generation are now being bolted onto the same spam operations already hitting phones, email inboxes and messaging apps. Android users reported 55,000 spam texts linked to the campaign over a two-week period in May, according to Google.

Scale is the practical problem. A scammer does not have to hand-build every page or rewrite every lure if a template store, a messaging pipeline and an AI writing assistant can do the repetitive work. Fraud does not have to be more clever to be more useful to criminals; it can simply arrive faster, in more variations, than users or platform filters can comfortably triage.

What Google alleges

According to Google, the network sent 2.5 million messages to Android users over the same two-week period. Recipients would get a short message creating urgency, then be sent to a fake site built to collect credentials or payment data. Even a low response rate can matter at that volume.

Ars Technica reported that the group allegedly offered nearly 300 scam templates in Telegram channels, while Google said Gemini was used to help craft convincing scripts and web content. That puts the AI element in the production line, not at the centre of the alleged targeting. The complaint does not allege Gemini chose victims or ran the campaign; it says the tool lowered the time and cost needed to make fraud look legitimate.

Brett Leatherman, deputy assistant director of the FBI’s cyber division, said in Google’s post that criminals increasingly use AI to make fraud “more convincing and harder to detect”. Google framed the lawsuit as part of a wider response that includes product controls, threat sharing and legislation. Through the court, it can also seek orders against domains and accounts rather than only blocking abuse inside Gemini’s own dashboard.

For regulators and security teams, the filing offers a concrete example to test against. AI safety debates often sit at the level of jailbreaks, benchmark scores and acceptable-use policies. Here the claim is operational: an alleged fraud network used a mainstream AI system alongside phishing kits and messaging channels to produce scams at lower cost.

Basic verification remains the safest habit for users. An urgent text about a fee, parcel or account should be checked through the organisation’s own app or website, not through the link in the message. The lawsuit may remove one alleged network’s infrastructure. It will not remove the economics behind AI-assisted phishing.