Google wants to take hackers to court
You don't have a package waiting for you, it's a scam – and Google is fighting back
Tired of scam messages purporting to have a package for you? So is Google – and it's lawyering up to fight back.
Google said it is adopting a multifaceted approach to take down a phishing-as-a-service (PhaaS) operation known as 'Lighthouse', not only suing those responsible, but backing bipartisan US legislation to take on such scams and rolling out new AI-based tech to protect users.
"That text message you got about a 'stuck package' from USPS or an 'unpaid road toll'? It’s not just spam. It’s the calling card of a sophisticated, global scam that has swindled victims out of millions of dollars," said Google's general counsel Halimah DeLaine Prado in a blog post.
"Bad actors built 'Lighthouse' as a phishing as a service kit to generate and deploy massive 'smishing' (SMS phishing) attacks."
Those attacks arrive via a text message claiming to have a delivery or warning of an unpaid road toll, with a malicious link where victims are urged to enter their email, banking data, and more.
According to Google, the Lighthouse operation has impacted over one million victims spanning 120 countries, stealing information on anywhere between 12.7 million and 115 million credit cards in the US alone.
“This represents a five-fold increase in these types of attacks since 2020,” DeLaine Prado noted.
Google said attacks often make use of legitimate brands and their trademarks on malicious websites, with the tech giant spotting at least 107 website templates using its own branding on fake sign-in screens.
Google getting tough on scams
Google said it is taking legal action in the hopes of dismantling the "core infrastructure" of the Lighthouse operation.
"We are bringing claims under the Racketeer Influenced and Corrupt Organizations Act, the Lanham Act, and the Computer Fraud and Abuse Act to shut it down, protecting users and other brands," DeLaine Prado noted.
The lawsuit is being brought against 25 unnamed people believed to live in China, seeking a restraining order and damages. Of course, given the individuals accused of running Lighthouse are not known, the intent isn't to necessarily target them.
Instead, Google is also asking web hosting providers to block Lighthouse-associated IP addresses and domains.
Alongside the lawsuit, Google has thrown its weight behind a trio of bills currently working their way through US Congress: Guarding Unprotected Aging Retirees from Deception (GUARD) Act, Foreign Robocall Elimination Act and Scam Compound Accountability and Mobilization (SCAM) Act.
Those bills would see the establishment of taskforces to target such scams — and funding to investigate them.
Legal actions aside, Google said it is also developing tools using AI to better spot and flag such scams in a bid to better protect users.
Tough fight ahead
While the actions by Google have been welcomed, one industry expert said such efforts may be like playing whack-a-mole. They might knock one down, but another will just pop up again.
"Groups like Lighthouse appear regularly, and while legal action can disrupt them, these operations often re-emerge using alternative infrastructures," said Carl Wearn, head of threat intelligence and analysis & future ops at Mimecast.
"Copycat phishing as a service models will continue to grow, exploiting people’s instinctive trust in familiar digital channels like email and SMS."
While the increase in these scams – which now impersonate not only delivery firms and toll threats but also governments and banks to trick victims – may spark more lawsuits from brands following Google's lead, Wearn said that "lasting impact will depend on public awareness, taking a moment to pause, verify and think before clicking."
Freelance journalist Nicole Kobie first started writing for ITPro in 2007, with bylines in New Scientist, Wired, PC Pro and many more.
Nicole is the author of a book about the history of technology, The Long History of the Future.
