FBI disrupts massive AI-powered phishing service using a million URLs
The FBI, in collaboration with Google and Black Lotus Labs, dismantled a large-scale Chinese phishing-as-a-service operation named Outsider Enterprise. This operation used AI-powered phishing kits and over a million fraudulent URLs to steal credit card data and passwords by impersonating trusted brands via SMS campaigns. Active since at least 2023, it caused estimated losses of $1.9 billion by compromising more than 3.8 million credit card records. The takedown involved seizing infrastructure, payment wallets, and disrupting phishing domains, which now redirect to an FBI splash page. Google is pursuing legal action and working with telecom providers to block fraudulent messages. Android users benefit from AI-driven scam detection and messaging protections that block billions of malicious messages monthly. The FBI's action is part of a broader initiative, Operation Riptide, targeting cybercrime infrastructure.
AI Analysis
Technical Summary
Outsider Enterprise was a Chinese phishing-as-a-service operation leveraging AI and distributed phishing kits to conduct large-scale SMS phishing campaigns impersonating trusted brands. The operation used approximately 9,000 fake websites and over one million fraudulent URLs to steal credit card and password data, resulting in an estimated $1.9 billion in losses and over 3.8 million compromised credit card records. The FBI, Google, and Black Lotus Labs coordinated a takedown involving seizure of administration servers, payment wallets, and phishing domains registered with U.S. providers. The operation also used Telegram for customer coordination. Google has filed a civil lawsuit targeting the infrastructure and collaborates with telecom providers to block fraudulent SMS messages. Android devices benefit from AI-powered scam detection and messaging protections. The disruption is part of the FBI's Operation Riptide, aimed at combating cybercrime infrastructure.
Potential Impact
The phishing operation led to the theft of over 3.8 million credit card records and caused approximately $1.9 billion in financial losses. It affected hundreds of thousands of users worldwide through SMS phishing campaigns impersonating trusted brands. The scale of the operation included over one million fraudulent URLs and thousands of phishing websites. The disruption of this infrastructure reduces ongoing risk to users and financial institutions. The operation also exploited major U.S. telecom providers to distribute fraudulent messages, impacting their subscribers.
Mitigation Recommendations
The FBI and partners have dismantled the Outsider Enterprise infrastructure, seized servers, payment wallets, and phishing domains, which now redirect to an FBI splash page. Google has filed a civil lawsuit and works with AT&T, T-Mobile, and Verizon to block fraudulent SMS messages before reaching subscribers. Android users benefit from AI-powered scam detection and messaging protections that block billions of malicious messages monthly. No further immediate action is required from users or defenders beyond maintaining updated protections. Organizations should monitor vendor advisories for updates related to this threat and continue leveraging AI-based detection technologies.
FBI disrupts massive AI-powered phishing service using a million URLs
Description
The FBI, in collaboration with Google and Black Lotus Labs, dismantled a large-scale Chinese phishing-as-a-service operation named Outsider Enterprise. This operation used AI-powered phishing kits and over a million fraudulent URLs to steal credit card data and passwords by impersonating trusted brands via SMS campaigns. Active since at least 2023, it caused estimated losses of $1.9 billion by compromising more than 3.8 million credit card records. The takedown involved seizing infrastructure, payment wallets, and disrupting phishing domains, which now redirect to an FBI splash page. Google is pursuing legal action and working with telecom providers to block fraudulent messages. Android users benefit from AI-driven scam detection and messaging protections that block billions of malicious messages monthly. The FBI's action is part of a broader initiative, Operation Riptide, targeting cybercrime infrastructure.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Outsider Enterprise was a Chinese phishing-as-a-service operation leveraging AI and distributed phishing kits to conduct large-scale SMS phishing campaigns impersonating trusted brands. The operation used approximately 9,000 fake websites and over one million fraudulent URLs to steal credit card and password data, resulting in an estimated $1.9 billion in losses and over 3.8 million compromised credit card records. The FBI, Google, and Black Lotus Labs coordinated a takedown involving seizure of administration servers, payment wallets, and phishing domains registered with U.S. providers. The operation also used Telegram for customer coordination. Google has filed a civil lawsuit targeting the infrastructure and collaborates with telecom providers to block fraudulent SMS messages. Android devices benefit from AI-powered scam detection and messaging protections. The disruption is part of the FBI's Operation Riptide, aimed at combating cybercrime infrastructure.
Potential Impact
The phishing operation led to the theft of over 3.8 million credit card records and caused approximately $1.9 billion in financial losses. It affected hundreds of thousands of users worldwide through SMS phishing campaigns impersonating trusted brands. The scale of the operation included over one million fraudulent URLs and thousands of phishing websites. The disruption of this infrastructure reduces ongoing risk to users and financial institutions. The operation also exploited major U.S. telecom providers to distribute fraudulent messages, impacting their subscribers.
Mitigation Recommendations
The FBI and partners have dismantled the Outsider Enterprise infrastructure, seized servers, payment wallets, and phishing domains, which now redirect to an FBI splash page. Google has filed a civil lawsuit and works with AT&T, T-Mobile, and Verizon to block fraudulent SMS messages before reaching subscribers. Android users benefit from AI-powered scam detection and messaging protections that block billions of malicious messages monthly. No further immediate action is required from users or defenders beyond maintaining updated protections. Organizations should monitor vendor advisories for updates related to this threat and continue leveraging AI-based detection technologies.
Technical Details
- Article Source
- {"url":"https://www.bleepingcomputer.com/news/security/fbi-disrupts-massive-ai-powered-phishing-service-using-a-million-urls/","fetched":true,"fetchedAt":"2026-06-14T21:55:18.695Z","wordCount":810}
Threat ID: 6a2f23541cccde5f263f19a9
Added to database: 6/14/2026, 9:55:32 PM
Last enriched: 6/14/2026, 9:55:39 PM
Last updated: 6/15/2026, 4:14:43 AM
Views: 13
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.