Google Sues Lighthouse Operators Behind Massive Smishing Campaign
Category:Threat Alerts
Google filed a civil suit against 25 operators of the Lighthouse phishing-as-a-service platform, also known as the Smishing Triad. Lighthouse enabled low-skill criminals to deploy thousands of fraudulent SMS campaigns impersonating brands like Google, YouTube, USPS, and Gmail. The operation produced over 100 counterfeit templates and may have facilitated theft of up to 115 million credit cards. Attack behaviors map to T1566 (Phishing) and T1584 (Compromise Infrastructure). Google seeks an injunction to disrupt platform support channels and reduce infrastructure reuse. The lawsuit also calls for stronger global anti-smishing regulations, noting cross-border operations scale faster than law enforcement response.
CORTEX Protocol Intelligence Assessment
Business Impact: Organizations face credential-harvesting risk and brand impersonation threats. Large-scale smishing campaigns enable account takeover and fraud. Technical Context: Lighthouse automates template generation, SMS distribution, and evasion of Safe Browsing warnings.
Strategic Intelligence Guidance
- Enforce SMS filtering policies for corporate devices.
- Deploy phishing-resistant MFA across user accounts.
- Monitor for brand impersonation domains.
- Coordinate with telecom providers on SMS threat intelligence.
Vendors
Threats
Targets
Impact
Financial:115 million credit cards
Intelligence Source: Google Sues Lighthouse Operators Behind Massive Smishing Campaign | Nov 16, 2025