Google has initiated legal proceedings against the China-based criminal group Outsider Enterprise. The attackers used AI-based tools to automate the creation of convincing content and conduct mass phishing campaigns through Telegram and SMS.
What Happened
An investigation into Outsider Enterprise's activities revealed the creation of more than 9,000 fake websites and the use of 1 million malicious URLs. In the two weeks of May 2026 alone, approximately 2.5 million malicious messages were recorded.
Context
The use of generative AI has allowed criminals to transition from manual creation of phishing materials to industrial-scale operations. This creates a critical gap between the speed of generating new threats and the capabilities of detection systems, making traditional content filtering methods less effective.
Why It Matters for the Industry
For the security industry, this case signifies the need to shift from reactive content analysis to preemptive infrastructure blocking at the network level. An arms race is expected between generative models used for fraud and specialized defensive AI systems, which will require the integration of AI analysis directly into provider network infrastructure.
Why It Matters for Users
The use of AI makes fraudulent messages in SMS and Telegram much more plausible and difficult to recognize using standard methods. It is critical for readers to verify any data requests or links, even if they appear official, as visual and textual signs of forgery are becoming virtually undetectable.
What Is Not Yet Known / Limitations
The focus of the discussion is shifting from detection complexity to assessing market opportunities and risks for individual developers.
Sources
Author
Look at AI, Editorial Staff