Google has announced a lawsuit in the US that aims to take down “Lighthouse,” an organization that sends scam phishing texts such as the USPS scams that everyone seems to get.
In a blog post today, Google details that it is “filing litigation to dismantle ‘Lighthouse,’ a massive Phishing-as-a-Service operation.”
“Lighthouse,” Google says, was built by bad actors as a way to deploy massive phishing attacks over SMS. Popular uses of the kit included those USPS scam texts that tell you about a “stuck package” or messages that look like they come from E-Z Pass about an unpaid toll. The goal of these messages is to look realistic enough to get someone to click on a link in the message which attempts to get the person to share their personal information.
As Google explains:
The scam is simple: criminals send a text message, prompting recipients to click a link and share information such as email credentials, banking information and more. They exploit the reputations of Google and other brands by illegally displaying our trademarks and services on fraudulent websites. We found at least 107 website templates featuring Google’s branding on sign-in screens specifically designed to trick people into believing the sites are legitimate.
Google adds that harm has come to “over 1 million victims” as a result of these phishing scams in mover than 120 countries. The scams have apparently managed to steal between 12.7 million and 115 million credit cards – a big range – in the US alone.
Beyond this single legal action, the company is further backing multiple pieces of legislation including the Guarding Unprotected Aging Retirees from Deception (GUARD) Act, Foreign Robocall Elimination Act, and Scam Compound Accountability and Mobilization (SCAM) Act, all of which are aiming to combat financial scams, robocalls, and more before victims are affected.
More on Google:
Follow Ben: Twitter/X, Threads, Bluesky, and Instagram
FTC: We use income earning auto affiliate links. More.
