Google has asked a federal court to dismantle a China-based phishing service that it says created more than 600 fake sign-in pages and tricked over a million people in 121 countries.
The company filed suit in the Southern District of New York on 12 November against 25 unidentified defendants whom it accuses of operating the “Lighthouse” kit. The civil complaint describes the group as “foreign cyber-criminals” who used Google-branded templates to harvest e-mail and banking credentials by SMS.
Lighthouse first appeared on Telegram on 18 March 2025, according to security firm Silent Push, and has since been rented to low-skilled attackers for as little as a few dollars a week. The kit includes 107 pages that copy Google services such as Gmail and YouTube, plus 32,094 fake United States Postal Service sites that collected an average of 50,000 visits each between July 2023 and October 2024.
Halimah DeLaine Prado, Google’s general counsel, said the defendants organised separate teams for sending texts, hosting pages and selling stolen data. She claimed that Lighthouse has targeted more than one million people in over 121 countries.
“The scam is simple: criminals send a text message, prompting recipients to click a link and share information such as e-mail credentials, banking information and more. They exploit the reputations of Google and other brands by illegally displaying our trademarks and services on fraudulent websites,” she wrote.
The lawsuit does not name the operators, but Google links the kit to the so-called “Smishing Triad,” a loose collective that has targeted banks, telecoms and logistics firms across Australia and the Asia-Pacific region since 2023.
Google acknowledged that Lighthouse is “highly adaptive” and expects a long campaign to seize its domains and freeze its finances.
Alongside the court action, the company endorsed three bipartisan bills before Congress: the GUARD Act, which would fund local investigations into scams targeting retirees; the Foreign Robocall Elimination Act, aimed at blocking overseas spam calls; and the SCAM Act, which would create a national strategy against scam compounds and tighten sanctions on organisers.
The firm also rolled out new consumer tools, including AI-powered warnings for texts that mimic toll or delivery alerts and an expanded “Recovery Contacts” feature to help users regain hacked accounts.