Google Sues To Dismantle Chinese Phishing Platform Behind Us Toll...
Google has filed a lawsuit to dismantle "Lighthouse", a phishing-as-a-service (PhaaS) platform used by cybercriminals worldwide to steal credit card information through SMS phishing ("smishing") attacks that impersonate the U.S. Postal Service (USPS) and E-ZPass toll systems.
The lawsuit aims to shut down the website infrastructure supporting the Lighthouse phishing-as-a-service (PhaaS), which Google says has affected over 1 million victims across 120 countries. It is estimated that these types of scams have stolen up to 115 million payment cards in the U.S. alone between July 2023 and October 2024 using these scams.
Google's lawsuit has brought claims against the Lighthouse platform under federal racketeering and fraud statutes, including the Racketeer Influenced and Corrupt Organizations Act, Lanham Act, and the Computer Fraud and Abuse Act.
According to Google, Lighthouse offers phishing templates and infrastructure to other cybercriminals, allowing them to send text messages claiming to be from well-known services like USPS or toll payment systems like EZPass.
BleepingComputer has previously reported on such scams after massive phishing campaigns targeted people in the United States, claiming to be from toll authorities.
The links in these smishing texts point to sites that impersonate toll authorities that claim the visitor has unsettled toll charges. However, the main goal of these sites is to steal personal information and credit card numbers for use in additional financial fraud.
Google says it found at least 107 phishing website templates that feature its own branding to boost the sites' reputations.
"They exploit the reputations of Google and other brands by illegally displaying our trademarks and services on fraudulent websites," explains Google.
"We found at least 107 website templates featuring Google's branding on sign-in screens specifically designed to trick people into believing the sites are legitimate."
Researchers at Cisco Talos have previously linked Lighthouse to smishing kits developed by the Chinese threat actor known as "Wang Duo Yu," who operates Telegram channels to sell and support the Lighthouse phishing kits.
Source: BleepingComputer
