Outsider Enterprise was a large-scale phishing-as-a-service platform operating out of China and coordinated through Telegram. It enabled threat actors to impersonate known brands via SMS campaigns, sending over 2.5 million malicious messages in a two-week period. The platform hosted more than 9,000 fake websites and over 1 million URLs. Over three years, it facilitated theft of approximately 3.8 million credit cards, resulting in about $1.9 billion in financial losses. The FBI's Operation Riptide led to seizure of administrative domains, cryptocurrency assets, and phishing infrastructure. Google collaborated with telecom providers to block phishing texts and filed lawsuits to dismantle the infrastructure. The platform targeted individuals in the US and at least 54 other countries.

The phishing platform caused significant financial losses estimated at $1.9 billion by stealing nearly 4 million credit cards. It affected hundreds of thousands of victims globally, primarily through SMS-based phishing campaigns targeting Android users. The widespread distribution of phishing sites and URLs facilitated large-scale credential and financial data theft. The takedown disrupted the platform's operations and removed thousands of phishing domains hosted by US providers.

The FBI and Google have dismantled the Outsider Enterprise infrastructure, seized domains and assets, and rerouted phishing domains to an FBI splash page. Telecom providers AT&T, T-Mobile, and Verizon are blocking phishing SMS messages associated with the platform. Legal actions are underway to permanently disrupt the service. Organizations and users should remain vigilant against phishing attempts, but no additional immediate remediation actions are specified by the authorities. Patch status is not applicable as this is a phishing service takedown rather than a software vulnerability.