google-v-outsider-enterprise-complaint

p. 1

UNITED STATES DISTRICT COURT
FOR THE SOUTHERN DISTRICT OF NEW YORK
GOOGLE LLC,
Plaintiff,
v.
DOES 1–25,
Defendants.
Civil Action No.:
COMPLAINT FOR DAMAGES AND INJUNCTIVE RELIEF
Case 1:26-cv-04982-VM Document 1 Filed 06/12/26 Page 1 of 66

p. 2

2
Plaintiff Google LLC (“Google”), by and through its attorneys, brings this Complaint
against Does 1–25 (the “Defendants”) for injunctive relief and damages. Google alleges as follows:
INTRODUCTION
1. Defendants are a group of foreign-based cybercriminals who have made
sophisticated fraud as simple as a few clicks of the mouse. They built, maintain, and use a turn-
key, online software suite that enables criminals, regardless of technical skill, to publish fraudulent
websites designed to rob victims and enrich themselves. With this “phishing-for-dummies”
software—called “Outsider”—fraud that previously required technical sophistication is readily
accessible. And the threat is only growing with the use of artificial intelligence (“AI”). In late
2025, phishing attacks generated using AI reportedly increased more than fourteenfold and now
account for over half of all reported phishing incidents.1 Google is suing to disrupt this criminal
enterprise and to protect its users and the online ecosystem they use every day.
2. As with prior phishing scams, the fraud typically starts with a text message. But
where prior scams lured victims with messages alerting them to missed packages or overdue
highway tolls, these latest scams attempt to dupe victims by alerting them to a purported problem
with their brokerage account, or insisting they are eligible for rewards through their mobile phone
carrier. The text then links to a website that mimics the purported source of the text—for example,
the investment manager or phone carrier—and then dupes victims into disclosing personal and
financial information. Of course, the website is a fake, and the information goes to the scammers,
who exploit it for their own criminal gain.
1 Eliot Baker & Maxime Cartier, Phishing Trends Report 2026, Hoxhunt (2026),
https://tinyurl.com/3c485zwv.
Case 1:26-cv-04982-VM Document 1 Filed 06/12/26 Page 2 of 66

p. 3

3
3. This type of scam is called a phishing attack. The key to the phishing attacks at
issue in this action is Outsider, the powerful phishing software created by Defendants. For a
subscription fee as low as $88 a week, the Outsider “phish kit” allows its users to create fraudulent
websites, launch phishing campaigns, and steal victims’ credit card numbers, bank account
credentials, and personal data. The criminal enterprise in this case (the “Outsider Enterprise” or
“Enterprise”) includes the creators and administrators of this kit, as well as the criminals who
license and use it to perpetrate these scams.
4. Like other phish kits, Outsider offers more than 290 pre-built templates that mimic
the legitimate websites of trusted institutions—from financial services providers that maintain
brokerage accounts, to wireless telephone service providers, government agencies, and retailers. It
also provides real-time keystroke logging, and even a sleek performance dashboard to track the
success of a criminal’s phishing campaign—all from a single interface. The Enterprise also created
and maintains an online community of discussion forums where members of the criminal
Enterprise can identify other members with necessary skillsets (such as mass-texting or harvesting
incoming financial information) and collaborate to execute a particular attack.
5. As a result, a criminal with no programming knowledge can, for example, generate
a near-perfect replica of a cellular provider’s website in minutes, coordinate to send “bait” text
messages to thousands of targets, and begin harvesting stolen data with little effort. Indeed, the
Outsider software has been used to create over a million phishing websites to swindle innocent
victims out of millions of dollars.
6. As if Outsider’s plug-and-play simplicity were not alarming enough, the Enterprise
has made the tool even more powerful by providing step-by-step instructions on how Outsider can
weaponize AI-generated code. Following those instructions, Enterprise members can use AI tools
Case 1:26-cv-04982-VM Document 1 Filed 06/12/26 Page 3 of 66

p. 4

p. 5

p. 6

p. 7

p. 8

p. 9

p. 10

p. 11

p. 12

p. 13

p. 14

p. 15

p. 16

p. 17

p. 18

p. 19

p. 20

p. 21

p. 22

p. 23

p. 24

p. 25

p. 26

p. 27

p. 28

p. 29

p. 30

p. 31

p. 32

p. 33

p. 34

p. 35

p. 36

p. 37

p. 38

p. 39

p. 40

p. 41

p. 42

p. 43

p. 44

p. 45

p. 46

p. 47

p. 48

p. 49

p. 50

p. 51

p. 52

p. 53

p. 54

p. 55

p. 56

p. 57

p. 58

p. 59

p. 60

p. 61

p. 62

p. 63

p. 64

p. 65

p. 66

Page of 66