That suspicious text about a package, toll bill or account problem may look harmless at first. You glance at it, see a familiar brand name and think, “I’ll just check.” That quick tap can lead straight into a professional scam funnel.
The FBI, Google and Black Lotus Labs helped disrupt a massive China-based phishing-as-a-service operation known as Outsider Enterprise. Authorities say the operation powered fake websites built to steal credit card numbers, passwords and other personal information.
What makes this one especially troubling is how polished these scams have become. Criminals no longer need to build every fake page from scratch. They can rent phishing kits, use AI to speed up the work and send waves of scam texts to unsuspecting people. That should make every one of us pause before tapping a link in a text.
Sign up for my FREE CyberGuy Report
GENAI, THE FUTURE OF FRAUD AND WHY YOU MAY BE AN EASY TARGET
Outsider Enterprise was a phishing-as-a-service operation. In other words, it gave other criminals the tools to run scams. Instead of one scammer typing out sloppy messages from a laptop, this setup worked more like a criminal software business. It offered phishing kits, fake websites and infrastructure that helped criminals impersonate trusted brands.
Google says the network was tied to more than 9,000 fake websites and over 1 million fraudulent URLs. Those sites were designed to look real enough to trick people into entering credit card details, passwords or other sensitive information.
The scams often started with text messages. Some appeared to come from major wireless carriers, delivery services, toll agencies or other familiar companies. That’s what makes these attacks so dangerous. The text may arrive in the same place you get real alerts from banks, delivery services or phone providers.
AI helped give this operation speed and polish. In a civil lawsuit filed in federal court in New York, Google alleges the phishing kit used AI tools, including Gemini, to help criminals create fraudulent sites and scam content. That means the messages can look cleaner, the websites can appear more convincing and the operation can move faster.
That’s a big shift. Many people still expect scam messages to have bad grammar, strange wording or obvious red flags. Those clues still show up, but they are becoming less reliable. A fake page can now look like the real thing. A scam text can sound normal. A payment request can appear urgent without feeling ridiculous. That to me is scary because the average person has less time to spot the trap.
The scale was huge. Google says 2.5 million messages were sent to Android users from Outsider Enterprise infrastructure over a two-week period in May. Android users flagged 55,000 of those messages as fraudulent.
FBI Cyber Division Assistant Director Brett Leatherman said Outsider infrastructure was tied to an estimated 3.87 million stolen credit cards and $1.9 billion in losses.
That number tells you something important. These scams are not random annoyances. They are part of an organized criminal business built to reach huge numbers of people fast.
The action against Outsider Enterprise included both technical and legal steps. The FBI said the technical takedown was dubbed Operation Ghost Hook. Leatherman also tied the effort to Operation Riptide, a broader FBI campaign aimed at disrupting cybercrime operations.
The FBI and its partners seized administration servers, phishing domains, a Shopify storefront and about $100,000 from payment wallets tied to the operation.
Google’s civil lawsuit is part of the broader effort to disrupt Outsider Enterprise’s infrastructure. The company says it is working with AT&T, T-Mobile and Verizon to help block fraudulent messages before they reach subscribers. Google says its Android protections also help detect suspicious calls and block malicious messages. Still, no filter catches everything.
GLOBAL SCAM CRACKDOWN LEADS TO 276 ARRESTS
Text scams often arrive when you are distracted. Maybe you are heading into a meeting, paying bills or waiting for a package. A message about an account problem can make you react fast before you stop to question it.
Scammers count on that split-second panic. A fake text might say your delivery failed, your phone bill has an issue or your account will be locked. The link then sends you to a page that looks real enough to steal your login, credit card number or one-time code. The whole trick depends on speed. The less time you spend thinking, the better the scam works.
These steps can help you avoid the fake texts, fake websites and account traps that phishing operations rely on.
Treat unexpected links like a warning sign, even when the message looks official. Go directly to the company’s app or website instead. Type the address yourself or use a saved bookmark.
Scammers want you to panic. Take a breath before you act. Real companies usually give you more than a few minutes to fix an issue.
Look closely at the domain name before typing in a password, card number or code. A scam site may use one extra word, a strange ending or a spelling that looks close to the real company.
A legitimate company will not ask you to send back a one-time code by text. If someone asks for a code, assume they are trying to break into your account.
If a text asks for a credit card number, password or account login, stop. Open the official app or call the company using a number from your card, bill or trusted website.
Spam protection can help move suspicious texts out of your main inbox before you accidentally tap a bad link.
On iPhone: Go to Settings > Apps > Messages > Unknown Senders > turn on Screen Unknown Senders. You can also open Messages, tap Filters and review messages under Unknown Senders or spam/junk filtering when available.
For suspicious texts on iPhone, use Report Junk when it appears under the message.
On Samsung using Google Messages: Open Google Messages > tap your profile icon or initials > tap Messages settings > tap Spam protection or Protection & Safety > turn on Enable spam protection.
For suspicious texts on Samsung, open the message in Google Messages, tap the three dots, tap Details and choose Block & report spam.
IS THAT TRAFFIC TICKET TEXT A SCAM OR REAL?
Set a strong account password and add a carrier PIN when your provider offers one. This helps protect your phone number from criminals who try to hijack accounts or reset passwords.
Scammers often sound convincing because they already know something about you. That information can come from people-search sites, data brokers, old breaches or public records. Consider using a data removal service to reduce how much personal information is floating around online. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com
Strong antivirus software can help block malicious links, fake websites and phishing pages before they cause damage. It adds another layer of protection when a scam slips past your first line of defense. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com
A password manager can help you avoid reusing passwords across accounts. It can also make fake login pages easier to spot because it may not autofill your credentials on a bogus site.
Use two-factor authentication (2FA) on important accounts, especially email, banking and wireless carrier accounts. An authentication app or hardware security key gives you stronger protection than texted codes.
Some banks and card issuers offer virtual card numbers. These can limit the damage if a shopping site, fake checkout page or scam link steals payment details.
Check your accounts often for small mystery charges. Criminals sometimes test a stolen card with a small purchase before going bigger.
A credit freeze can stop criminals from opening new accounts in your name. You can freeze your credit for free with Equifax, Experian and TransUnion.
Forward suspicious texts to 7726, which spells SPAM. You can also report phishing attempts to the company being impersonated and to the FBI’s Internet Crime Complaint Center at IC3.gov.
Taking down Outsider Enterprise is great news. But let’s be real here. Scammers are not going away because one operation got hit. What worries me most is how real these fake texts and websites can look now. AI gives criminals another way to clean up the wording, copy trusted brands and move faster than most people expect. So my advice is simple. Don’t tap the link. Open the company’s real app or type in the website yourself. Those few extra seconds can be the difference between staying safe and handing a scammer your credit card, password or one-time code.
Does this takedown make you feel better about the fight against scammers, or do you still think the crooks are one step ahead? Let us know by writing to us at Cyberguy.com
Sign up for my FREE CyberGuy Report
Copyright 2026 CyberGuy.com. All rights reserved.
