An international operation by the FBI, Google, and security firm Black Lotus Labs has led to the takedown of a large-scale platform that provided cybercriminals with tools for phishing attacks.
According to investigators, the network, which operated under the name Outsider Enterprise, offered a complete service that allowed fraudsters to target victims on a large scale via text messages and fake websites.
According to BleepingComputer, the case demonstrates how cybercrime is becoming increasingly professionalized. Instead of building their own infrastructure, attackers could use a turnkey service that provided all necessary components. These included domain names, phishing pages, management environments, and tools to set up campaigns that masqueraded as communications from well-known organizations.
Years-long operation
According to the researchers, the platform had been active for quite some time. During that period, a massive number of fraudulent web addresses were reportedly used to lure users to fake login and payment pages. The goal was to collect credit card details, account information, and other valuable personal data.
The scale of the operation is evident from figures released by Google. The company identified thousands of websites linked to the network, along with more than a million suspicious URLs. Worldwide, hundreds of thousands of people are believed to have encountered the campaigns.
The takedown is part of a broader U.S. strategy to combat cybercriminal infrastructure. The focus is not only on individual attackers but specifically on the underlying services that enable large-scale fraud.
During the operation, various systems belonging to the organization were seized or taken offline. The FBI also managed to secure cryptocurrency that was presumably used for payments within the platform. A number of domains previously used for phishing campaigns are now under the control of the authorities.
Notably, investigators also gained access to communication channels used to support the service’s customers. According to those involved, that information can help identify individuals who used the platform for their own campaigns.
Google is also taking legal action
In addition to technical measures, Google is taking a legal approach. The company has filed a lawsuit against the parties behind the network and is collaborating with telecom operators to intercept suspicious text messages earlier.
That collaboration appears necessary. Data from Google shows that millions of messages were distributed via the network’s infrastructure in a short period. A significant portion of those were flagged by recipients as fraudulent.
A key aspect of the case is the use of artificial intelligence. According to the researchers, AI was used to set up phishing campaigns more quickly and make them more convincing. This allows even less experienced cybercriminals to carry out large-scale attacks with relative ease.
This development fits into a broader trend in which AI is not only used for defensive purposes but is also increasingly becoming part of attackers’ arsenal. For law enforcement agencies and security firms, this means they must constantly adapt their approach to new forms of automated fraud.