Google just declared war on one of the world's largest scam operations. The tech giant filed federal litigation today targeting 'Lighthouse,' a phishing-as-a-service network that's stolen up to 115 million credit cards and hit over 1 million victims across 120+ countries. The dual offensive includes backing three bipartisan Congressional bills designed to choke off international scam networks at their source.
Google is fighting fire with fire against cybercriminals, and today's announcement shows they're not messing around. The company's General Counsel Halimah DeLaine Prado revealed a coordinated legal and legislative assault on what she calls a "sophisticated, global scam" that's been hiding in plain sight through innocent-looking text messages about stuck packages and unpaid tolls.
The lawsuit targets 'Lighthouse,' a phishing-as-a-service operation that's essentially the Amazon Web Services of cybercrime. Bad actors use this kit to launch massive 'smishing' campaigns - SMS phishing attacks that trick people into clicking malicious links and handing over everything from email passwords to banking details. What makes this particularly brazen is how the criminals brazenly rip off Google's own branding, creating at least 107 fake login templates designed to look like legitimate Google sign-in screens.
The numbers are staggering. This single operation has compromised somewhere between 12.7 million and 115 million credit cards in the US alone, with over 1 million victims spanning more than 120 countries. That represents a five-fold spike in these types of attacks since 2020, according to Google's filing.
Google isn't just throwing lawyers at the problem - they're invoking some of the heaviest artillery in federal law. The lawsuit brings claims under the Racketeer Influenced and Corrupt Organizations Act (RICO), typically reserved for organized crime syndicates, plus the Lanham Act for trademark violations and the Computer Fraud and Abuse Act. It's the legal equivalent of bringing a bazooka to a knife fight.
But litigation can only tackle individual operations, which is why Google is simultaneously backing three Congressional bills designed to address the structural problems that let these scams flourish. The company endorsed the Guarding Unprotected Aging Retirees from Deception (GUARD) Act, which would funnel federal grant money to state and local law enforcement specifically for investigating elder fraud - a prime target for these operations.
The Foreign Robocall Elimination Act caught attention because it would create a dedicated taskforce to block international illegal robocalls before they reach American phones. Meanwhile, the Scam Compound Accountability and Mobilization (SCAM) Act targets the physical infrastructure behind many of these operations - the overseas compounds where trafficked workers are forced to run scam operations.
