On June 12, 2026, Google filed a civil lawsuit against a China-based cybercrime network known as Outsider Enterprise. The complaint alleges that the group used Google’s own Gemini AI to generate phishing landing pages, then sent approximately 2.5 million fraudulent messages in a single two-week window in May 2026. The messages impersonated Google, YouTube, and the U.S. Postal Service. The operation generated roughly 55,000 spam complaints, left behind nearly 9,000 fake websites and more than one million fraudulent URLs, and is linked to the theft of approximately 3.87 million credit card numbers and an estimated $1.9 billion in losses dating back to July 2023.
Google is charging Outsider Enterprise with racketeering, wire fraud, and trademark infringement. The lawsuit is one of the most consequential corporate legal actions against AI-assisted fraud on record.
What Outsider Enterprise Actually Built
This was not a loose collection of individual scammers sending handcrafted phishing emails. Outsider Enterprise built infrastructure. According to the complaint, the network developed tools, templates, and campaign dashboards that allowed non-technical operators to launch sophisticated phishing campaigns without writing a single line of code. Gemini AI was used to generate the content of phishing landing pages – pages designed to mimic legitimate authentication flows, package tracking portals, and account verification screens for major brands.
The result was a phishing-as-a-service operation with AI at its core. A non-technical participant could select a brand to impersonate, choose a message template, target a recipient list, and deploy a campaign within minutes. The AI handled content quality. The infrastructure handled delivery.
In May 2026, that infrastructure sent 2.5 million messages in two weeks. That pace – roughly 178,000 messages per day – is not achievable through manual effort. It is only possible because AI removed the content bottleneck that previously limited phishing at scale. Operators no longer need to write convincing copy, clone websites, or maintain technical skills. They need an account and a target list.
Why This Is an Email Security Story
The messages Outsider Enterprise sent were primarily delivered via SMS, targeting Android users. That detail matters for context, but it does not confine the lesson to text messaging.
The phishing pages generated by Gemini AI – pages mimicking Google login flows, USPS package tracking screens, YouTube account verification – are functionally identical to the landing pages used in email phishing campaigns. The delivery channel differs; the impersonation infrastructure is the same. Any operation capable of deploying 2.5 million messages in two weeks using AI-generated content is capable of routing that same content through email at comparable or greater scale.
Google’s June 2026 fraud and scams advisory, published alongside the lawsuit, makes this connection explicit. The advisory identifies AI-powered phishing targeting Gmail’s 1.8 billion users as one of the primary active threat vectors. It notes that global fraud losses reached approximately $580 billion in 2025, and that AI-driven scam incidents have grown by 1,210% in recent periods. The advisory is not limited to SMS. It addresses the convergence of AI-generated content and email delivery against the world’s largest email platform.
The One Thing AI Cannot Fake
Generative AI has effectively eliminated the content quality gap that once made phishing detectable. A message composed by a capable AI model contains no grammatical errors, uses authentic brand voice, adapts to regional language conventions, and scales personalization without additional effort. The heuristic that trained users once relied on – misspellings, awkward phrasing, generic salutations – no longer functions when the message was written by AI.
What AI cannot do is forge your domain’s cryptographic authentication.
DMARC – Domain-based Message Authentication, Reporting and Conformance – works by cryptographically binding email messages to the domain they claim to originate from. An email claiming to come from usps.com must have been sent by infrastructure that USPS has authorized in its SPF record, and it must carry a DKIM signature that validates against a public key USPS controls. If either condition fails, and the domain’s DMARC policy is set to p=reject, the receiving mail server discards the message before it reaches any inbox.
No amount of AI-generated content quality changes this outcome. A perfectly constructed phishing email impersonating your domain, sent from unauthorized infrastructure, fails authentication and is discarded. The AI wrote a message that never arrives.
When Outsider Enterprise impersonated USPS in its campaigns, any email-based versions of those attacks – provided USPS enforced DMARC at p=reject – would have been rejected by Gmail, Outlook, and Yahoo at the gateway. The SMS messages were harder to intercept because SMS lacks an equivalent authentication layer. Email does not have that gap. It has DMARC, and DMARC works.
What BIMI Adds to This Picture
DMARC enforcement at p=reject is the technical mechanism that prevents unauthorized email from reaching inboxes. BIMI – Brand Indicators for Message Identification – is the visible layer that confirms to recipients that an authenticated message is genuinely from the claimed sender.
With BIMI properly configured, verified brand logos appear next to email messages in supporting mail clients before the message is opened. That visual signal requires passing all three authentication checks – SPF, DKIM, and DMARC – and obtaining a Verified Mark Certificate issued by an approved certificate authority. It cannot be replicated by a phishing operation because BIMI verification is anchored to domain control, the same cryptographic control that DMARC enforces.
In an environment where AI generates flawless phishing content at scale, the presence or absence of a verified brand logo becomes a signal recipients can actually use to distinguish legitimate mail from impersonation.
The Democratization of Industrial-Scale Phishing
Google’s lawsuit against Outsider Enterprise documents a structural shift in how phishing operates. The defining characteristic of this operation is not sophistication – it is accessibility. Gemini AI removed the need for skilled content creators. Campaign dashboards removed the need for technical operators. The result is a phishing factory where the barrier to entry collapsed entirely.
This pattern is not unique to Outsider Enterprise. The FBI’s 2025 Internet Crime Report documented $16.6 billion in cybercrime losses, with business email compromise and phishing consistently among the top categories by financial impact. The tools that once required significant expertise are now accessible to anyone with an internet connection and a willingness to pay a subscription fee to a cybercrime service.
Against this backdrop, the organizations most exposed to brand impersonation in email are those whose domains are not enforcing DMARC. A domain publishing p=none collects aggregate reports but does not instruct receiving servers to reject unauthorized messages. A domain at p=quarantine directs suspicious messages to spam folders, which recipients sometimes retrieve. A domain at p=reject closes the gap entirely: every email claiming to come from that domain that lacks valid authentication is rejected before delivery.
The Google lawsuit is a document of what AI-powered brand impersonation looks like when someone builds a factory around it. The authentication layer that limits this threat in email is available to every domain owner. The question is whether it is enforced.
Excello Mail gives you full visibility into your DMARC posture, clear guidance on moving to p=reject enforcement, and aggregate report analysis that shows exactly who is sending email on behalf of your domain. Sign up for free to Excello Mail and make your domain’s cryptographic identity the defense that no AI-powered phishing factory can fake.