Google and OpenAI expose separate China-linked AI abuse operations

Two companies disclosed different kinds of AI abuse within days of each other

Google and OpenAI have separately disclosed operations they say originated in China, but the two cases point to distinct ways advanced AI tools are being folded into digital abuse. In Google's case, the issue is consumer fraud at scale. In OpenAI's case, it is covert influence activity aimed at shaping public debate. Taken together, the disclosures show how AI systems are now central not only to productivity and software development, but to the industrialization of scams and information operations.

Google's move was unusually aggressive. According to the supplied source material, the company filed a lawsuit in the US District Court for the Southern District of New York against a cybercrime network it calls Outsider Enterprise. Google alleges that the group used Gemini to target hundreds of thousands of Americans with financial fraud. The complaint says the defendants created 131 software kits capable of generating thousands of fake sites that impersonated brands and institutions including Google, YouTube, the US Postal Service, and New York's E-ZPass system.

The scale described in the source is substantial. Over a two-week stretch in May, the network allegedly sent 2.5 million messages to Android users containing links to 9,000 fake websites and more than a million fraudulent URLs. The operation was reportedly coordinated through Telegram. Google says this is the first lawsuit in which it is working alongside the FBI and major carriers including AT&T, T-Mobile, and Verizon. The company is seeking a restraining order that would make it easier for companies and law enforcement to move in concert by seizing domains or freezing accounts.

OpenAI's disclosure, released in its June 2026 threat report, points to a different threat pattern. The company said it banned two ChatGPT clusters allegedly based in China that attempted to influence debate around US technology policy. One cluster, labeled Data Center Bandwagon, generated English-language comments, comic strips, and edited images claiming that AI data center expansion was raising electricity prices for ordinary families. The content was spread through what OpenAI described as likely inauthentic X accounts using hashtags tied to energy and capacity issues.

The source adds that OpenAI traced the actors behind that campaign to a private Chinese technology company working on behalf of provincial authorities. That is a serious allegation because it shifts the issue from generic spam or freelance manipulation toward state-linked narrative shaping, even if indirect. The company's findings also underline how cheap, fast content generation can support operations that do not need to persuade everyone. They only need to flood channels with enough apparently organic material to distort the texture of debate.

What ties the two disclosures together is not just their origin claim. It is the growing convergence between cybercrime and influence work around AI tooling. Fraud networks can use models to make phishing pages, messages, and brand impersonation more convincing. Influence operators can use the same class of systems to mass-produce comments, images, and talking points tuned for specific policy fights. In both cases, AI compresses the cost of experimentation. Attackers can test narratives, targets, and formats faster and at greater volume than before.

The broader signal

• Google is treating AI-enabled fraud as a legal and infrastructure problem, not only a moderation issue.
• OpenAI is describing AI misuse in political discourse as part of a recurring threat-reporting function.
• Both disclosures suggest that platform defense now depends on coordination among model providers, telecom firms, and law enforcement.
• The line between traditional spam, cybercrime, and influence operations is getting thinner.

The immediate facts of the two cases differ, and both companies are presenting their own findings. But the strategic picture is clearer than it was even a year ago. AI abuse is no longer a hypothetical future problem. It is already embedded in live campaigns involving consumer fraud, infrastructure impersonation, and political narrative manipulation. That means the next phase of AI governance will be judged less by product demos than by whether the companies building these systems can contain the ways they are weaponized.

This article is based on reporting by The Decoder. Read the original article.