Google filed a lawsuit on June 12, 2026, against a group of cybercriminals called the "Outsider Enterprise." They were using a phishing kit — a tool designed to create fake login pages that trick people into handing over their passwords. What makes this case unusual is that the scammers used artificial intelligence to create those fake pages faster and more convincingly than before. Reuters

Google also did something different with this lawsuit. Instead of treating the attackers as individual criminals, the company is suing them as an organized criminal enterprise, similar to how prosecutors handle organized crime cases. This legal approach — called RICO — allows Google to go after the whole operation, not just one person.

Here is how the scam worked. The criminals created fake versions of legitimate websites — banks, email providers, social media platforms — to trick people into logging in with their real passwords. Normally, building these fake pages requires skill and effort. But this group used AI to generate hundreds of convincing fake pages quickly and automatically. They also hosted these fake pages on Google's own cloud servers and file storage systems, which made them look legitimate. It is hard for most people to tell that a page is fake if it is coming from a Google address.

This caused a real problem for companies that use Google's services. Security teams at businesses typically allow all traffic to and from Google's domains — after all, Google's services are legitimate and widely used. But when the scammers put their fake pages on those same Google domains, it created a trap: block the domain and you break all of Google's actual services for your employees, or allow it and risk people getting tricked. The scammers designed their kit to exploit that exact problem.

What is notable about this lawsuit is that Google is specifically calling out the use of AI tools as part of the crime. In the past, security lawsuits have focused on phishing and malware; this case names AI as a central weapon. It is not yet clear how courts will treat that distinction legally, but it could matter for how companies are held responsible for criminal use of AI in the future.

Google chose to file a civil lawsuit rather than rely solely on criminal prosecution. That choice has practical value: a court can order websites and internet companies to shut down the fake pages and revoke the scammers' access immediately, without waiting for a criminal trial. Google has done this before — in 2023, it sued a malware operation and won court orders that let Google take down the entire distribution network within weeks.

The bigger picture is that phishing attacks are getting harder to defend against. AI tools have made it much easier for criminals to write convincing messages and create realistic-looking fake websites. At the same time, criminals have figured out that if they hide their scams inside legitimate companies' cloud systems, security tools designed to block suspicious websites do not catch them. The Outsider Enterprise is using both of these techniques together.

For anyone managing security at a company, the practical lesson is straightforward: do not simply trust all traffic from Google because it comes from Google. Add extra checks — like having your browser run websites in a protected sandbox, or checking links before you click them. And encourage employees to report suspected phishing attempts. No single defense works against all these tricks.

Google also made this lawsuit public, which signals to other criminals that abusing Google's own services to attack users will result in legal action, not just technical blocking. Whether this warning changes criminal behavior is an open question. The Outsider Enterprise members have not been publicly identified, suggesting the investigation is still active.