Chinese cybercriminals are scamming the world. Over the last few years, these fraudsters have sent millions of scam text messages—often impersonating the USPS or toll-road collection firms—and allegedly made more than a billion dollars from their brazen schemes. The groups of SMS scammers are a prolific—and annoying—menace to millions of people.

Now, in one of the most high-profile actions against the scammers so far, Google is suing alleged members of one “relentless” Chinese smishing group that it claims has tried to con people in more than 120 countries around the world. In a civil lawsuit filed today in the US Southern District of New York, Google alleges that 25 unnamed individuals have operated as part of the “Lighthouse” scam network and targeted millions of Americans with texts in a “staggering” operation.

As well as “stealing” information and money from people globally, the Lighthouse Enterprise, which is sometimes known as part of the “Smishing Triad,” also “preys on the public trust in Google” by using its logos on fraudulent websites and abusing its systems and technology, the company’s lawsuit claims. “With the rise in scams, it’s largely due to the action of organized crime networks, and most of them are transnational,” Halimah DeLaine Prado, general counsel at Google, alleges in an interview with WIRED. “The Lighthouse network has an enormous reach.”

The Lighthouse group is one of several Chinese-speaking smishing groups that have emerged in recent years. Broadly, the groups blast out scam messages to thousands of people using SMS, Google’s RCS service, or Apple’s iMessage. Each scam text impersonates an organization—such as delivery firms, banks, or law enforcement services—and includes a link to a fraudulent website. If someone enters their details into these false websites, the scammers can collect their personal information and bank details in real time. Some of the groups are also known to create false online shopping websites that can also steal data.

Central to the Lighthouse operation is its scamming software, called Lighthouse. This software is developed by cybercriminals and then sold as a subscription service to less technically capable fraudsters who use it to send the scam text messages. Scammers can purchase “weekly, monthly, seasonal, annual, or permanent” subscriptions to use the software, Google’s lawsuit claims.

“The Lighthouse platform is a phishing-as-a-service tool used by cybercriminals to steal bank and card information, offering ready-made phishing templates, fake websites, and backend management tools, enabling collection of usernames, passwords, and one-time codes, and it supports large-scale message delivery via iMessage and Google Messages’ RCS (Rich Communication Services) channels rather than just SMS,” says Halit Alptekin, chief intelligence officer at security firm Prodaft, which has tracked the Chinese-speaking phishing ecosystem. “It employs advanced anti-evasion techniques such as IP- and user-agent-based filtering, time-limited URLs, and domain rotation to hamper detection,” Alptekin says.
