Google SMS scam lawsuit targets massive Lighthouse phishing network

Ethan Cole
Ethan Cole I’m Ethan Cole, a digital journalist based in New York. I write about how technology shapes culture and everyday life — from AI and machine learning to cloud services, cybersecurity, hardware, mobile apps, software, and Web3. I’ve been working in tech media for over 7 years, covering everything from big industry news to indie app launches. I enjoy making complex topics easy to understand and showing how new tools actually matter in the real world. Outside of work, I’m a big fan of gaming, coffee, and sci-fi books. You’ll often find me testing a new mobile app, playing the latest indie game, or exploring AI tools for creativity.
3 min read 71 views
Google SMS scam lawsuit targets massive Lighthouse phishing network

Google SMS scam lawsuit is taking aim at one of the largest phishing networks in the world. Google has filed a case against a Chinese hacking group accused of running “Lighthouse,” a large-scale SMS phishing platform that sells access to criminals for a monthly fee.

The group allegedly used the service to launch fake campaigns impersonating trusted brands like USPS and E-Z Pass. Victims received text messages or emails linking to phishing websites disguised as legitimate login pages. Once people entered their credentials, the hackers stole them instantly.

Google also found 107 fake sign-in templates using its own branding, all designed to steal personal information and payment details.

Google SMS scam lawsuit reveals over one million victims

In its official statement, Google reported that the Lighthouse scam has affected more than one million victims across 121 countries. The network allegedly stole around $1 billion, including up to 115 million U.S. credit card numbers.

Typically, victims received fraudulent USPS notifications claiming they needed to pay a small “redelivery fee” for a package. Despite the small amount, these scams tricked millions globally.

A billion-dollar fraud network under investigation

According to The Financial Times, Google’s lawsuit references data from cybersecurity company Silent Push. That evidence connects Lighthouse to a Chinese criminal organization known as the “Smishing Triad.”

Earlier this year, the group reportedly created 200,000 fake websites that received about 50,000 visits a day. As a result, millions of U.S. credit cards were compromised within only 20 days.

The lawsuit invokes the Racketeer Influenced and Corrupt Organizations (RICO) Act, along with the Lanham Act and the Computer Fraud and Abuse Act. If Google wins, it will gain authority to work directly with internet providers and domain hosts to dismantle the operation’s servers and websites.

Google expands its anti-fraud efforts

Beyond this Google SMS scam lawsuit, the company is also supporting several bipartisan cybersecurity bills in the U.S. Congress. These bills aim to strengthen the legal framework for combating international cybercrime.

For example, one proposal allows local law enforcement to use federal grants to investigate financial fraud targeting retirees. Another bill would create a task force to block foreign robocalls. A third focuses on shutting down “scam compounds” — large centers where trafficked workers are forced to carry out online scams.

Why the Google SMS scam lawsuit matters

The Google SMS scam lawsuit could set a new precedent for how tech giants confront organized cybercrime. By invoking racketeering laws, Google is showing that digital fraud can — and should — be prosecuted as organized crime.

Moreover, this case highlights a growing shift in strategy. Instead of fighting scams solely with algorithms and filters, companies are starting to pursue the infrastructure behind them — legally and globally.

Ultimately, Google’s message is clear: cybersecurity isn’t just about technology; it’s about accountability.

Read also

Join the discussion in our Facebook community.

Share this article: