Operation Riptide’s seizure order against Outsider Enterprise reads like a takedown scorecard: 9,000 fake websites, more than a million fraudulent URLs, and an estimated $1.9 billion in consumer losses from 3.8 million stolen credit card records. The math is grim.\n\nThe technical action seized multiple administration servers, a Shopify storefront, and roughly $100,000 USDT from Outsider payment wallets. Thousands of phishing domains registered at U.S. providers now redirect to an FBI splash page. The bureau also seized a Telegram bot that held customer records of the phishing service. That’s a direct customer list, now in federal hands.\n\nGoogle’s civil lawsuit targets the same infrastructure. The company coordinated with AT&T, T-Mobile, and Verizon to cut off fraudulent texts at the carrier level. Over two weeks in May, the operation pushed 2.5 million SMS messages to Android users, with 55,000 flagged by users as fraudulent. I read Google’s blog this week: the company describes distributed phishing kits enabling criminals to “blast out fake text campaigns that look like they’re from Google and other trusted brands.”\n\nActive since at least 2023, the operation used AI to power phishing campaigns across nine thousand spoofed sites. That scale took Black Lotus Labs, Google, and the FBI working in parallel to map.\n\nGoogle is now pushing for seven bipartisan anti-scam bills, including the Stop SCAMS Act, which would task the FBI with coordinating a national anti-scam strategy. That’s a rare legislative ask from a company that usually handles enforcement problems with its own infrastructure. It signals carrier-level blocking isn’t enough at this scale. Worth auditing your own SMS brand exposure before the next Outsider Enterprise gets operational.\n\n— Rebecca Lauren