Google has announced a federal lawsuit targeting a network of foreign cybercriminals based in China, accusing the group of orchestrating large-scale text-message phishing campaigns, the tech giant told CBS News in an exclusive interview.
The criminal network, known as “Lighthouse,” sends text messages that appear legitimate—often warning recipients of a “stuck package” or an “unpaid toll.” However, these messages are actually phishing attempts, also called smishing, designed to trick users into revealing sensitive information such as passwords and credit card numbers.
“These scammers ended up compromising anywhere from 15 [million] to 100 million potential credit cards within the U.S. and impacted, at our current estimates, over a million victims,” Google’s general counsel Halimah DeLaine Prado told CBS News.
Google has filed what it describes as a first-of-its-kind lawsuit under the Racketeer Influenced and Corrupt Organizations (RICO) Act, traditionally used to dismantle organized crime syndicates. The case targets unidentified operators, referred to as John Does 1 through 25, who allegedly created a “phishing-as-a-service” platform to facilitate mass text attacks.
DeLaine Prado explained that the lawsuit is not primarily intended to recover victims’ losses, but to serve as a deterrent to future cybercriminal enterprises.
Google identified more than 100 fraudulent websites that used the company’s logo to trick individuals into providing personal credentials or credit card information. According to the complaint, the group is believed to have stolen data linked to tens of millions of U.S. credit cards.
Kevin Gosschalk, CEO of cybersecurity firm Arkose Labs, said that while recovering lost funds is challenging, legal action like Google’s can disrupt criminal operations.
“It has an impact on the ecosystem,” Gosschalk told CBS News. “If there are three major players and you go after the big one, the other two start second-guessing: ‘Should we be in this business, or should we get out?’”
Google’s lawsuit seeks not only to punish the criminals but also to establish a legal precedent, testing whether a law designed in the 1970s for racketeering can be applied to modern digital crime.
Gosschalk noted that pursuing cybercriminals overseas will be difficult, especially since some operate in countries like Cambodia with limited extradition agreements. “But it does mean the individuals behind these operations will not be able to travel to the U.S. in the future, adding additional risk,” he said.
To protect themselves from text-based scams, users are advised not to click on links or reply to unknown messages. iPhone users can enable “Filter Unknown Senders” and “Filter Junk,” while Android users can activate Spam Protection and forward suspicious texts to 7726 (SPAM). Users should periodically check these filters for legitimate messages that may have been mistakenly caught.
