Google warns about global ‘smishing’ ring stealing millions via text scams, files lawsuit in US
Google on Wednesday announced that it has filed a lawsuit against a foreign cybercriminal organisation behind a series of SMS phishing attacks, or “smishing”. In a blog post, the tech giant said that the bad actors built a phishing-as-a-service operation called “Lighthouse” to generate and deploy large-scale attacks.
Google also warned that these attacks exploit established brands like E-Z Pass to steal people’s financial information.
How does the scam work?
According to Google, cybercriminals send users a text message containing a link that asks them to share sensitive information such as email credentials, banking details, and more. The attackers exploit the reputations of trusted brands by illegally displaying their trademarks and services on fraudulent websites.
The company says it found at least 107 website templates featuring its branding on sign-in screens designed to trick users into believing that those fraudulent sites are legitimate.
This new type of attack is said to be inflicting “immense financial harm” globally, with Google’s estimates suggesting over 1 million victims of the Lighthouse attacks across more than 120 countries. The company believes that attackers have stolen somewhere between 12.7 million and 115 million credit-card numbers in the US alone.
Google’s general counsel, Halimah DeLaine Prado, explaining how the attack works in a statement to CNBC, said: “The ‘Lighthouse’ enterprise or software creates a bunch of templates in which you create fake websites to pull users’ information.”
What action is Google taking?
Google says that its legal action targets the “core infrastructure” of the attackers by bringing claims under the Racketeer Influenced and Corrupt Organizations (RICO) Act, the Lanham Act, and the Computer Fraud and Abuse Act, in order to shut them down.
Apart from legal action, Google says it is also launching new features powered by AI to flag common scam messages, such as fake toll-fee or package-delivery alerts, to protect users from fraud. The company adds that it is also working to block malicious links and scams in Google Messages.
“If you are the victim of an account compromise, we’re making it safer and easier to regain access to your account by expanding account-recovery options with Recovery Contacts. We also continue to intensify public-education and partnership efforts to help users recognise and avoid fraud. We hope these efforts will help more people be safe online,” Google said in its blog post.
Google also says that it is collaborating with policymakers and has announced its support for certain bipartisan bills in the US Congress.