Google Disrupts Massive SMS Phishing Ring That Affected 1 Million Victims

Google disrupted a cybercriminal group operating from China behind a massive SMS phishing operation within 24 hours of filing a lawsuit against them on October 12.

The operation, dubbed the "Smishing Triad" by cyber experts, used a phishing kit called "Lighthouse." The group impersonated reputable brands like E-ZPass, U.S. Postal Service, and Google to gain victims' trust.

Lighthouse is a phishing-as-a-service platform that provides cybercriminals with ready-made templates and fake websites to steal banking credentials via iMessage and RCS messaging. According to Google, this cybercrime group harmed more than 1 million victims across over 120 countries.

The company provided translated Telegram messages allegedly from the group's ringleader, which stated their cloud server was blocked due to complaints and operations were suspended.

Then criminal group sent victims fake text messages disguised as delivery updates, unpaid fees, fraud alerts, and other urgent notifications. The scammers targeted sensitive financial information including Social Security numbers and banking credentials through fraudulent websites.

Google discovered over 100 phishing templates using the company's branding created by the Lighthouse kit. The company did not disclose specific details about how the operation was shut down.

Google's general counsel Halimah DeLaine Prado said the company will continue holding malicious scammers accountable.