Google is going after a group of Chinese hackers who have reportedly stolen over $1 billion from millions of people worldwide by impersonating Google and other well-known brands.
According to Google, the group operates a phishing services subscription platform, in which scammers can pay a monthly fee to gain access to thousands of fraudulent email, SMS, and website templates. The subscription is paid for in cryptocurrency. With these tools, scammers can execute sophisticated campaigns using well-known brand names.
While the scams that use Google’s brands are not the most popular, the company is leading the charge to have the platform, called Lighthouse, banned under the US racketeering and computer fraud laws. If they win the case, Google can begin working with cellular networks and domain name hosting services to take down the group at its source.
“Criminals are leveraging the trust and reputation of our brand to lure users into unsafe phishing attacks,” Google’s general counsel, Halimah DeLaine Prado, told the Financial Times. “The ability to put our engineers and lawyers to work to actually fight on behalf of those users is a necessary thing to do.”
There has been a rise in the number of Chinese hacking groups targeting US citizens and companies, as well as the severity and sophistication of these attacks. In June this year, Microsoft blamed Chinese hackers for exploiting the SharePoint vulnerabilities, naming three of them in its security report.
A platform for scammers
The group uses several portals to advertise its services, including online forums, the messaging app Telegram, and Google’s YouTube channel. Alongside templates for scams, Lighthouse also provides technology solutions to send hundreds of thousands of emails and messages at high volume, along with other software.
According to cybersecurity company Silent Push, which provided data for Google in its complaint, a Chinese criminal group used the Lighthouse platform to create 200,000 fraudulent websites in a 20-day period, which were visited 50,000 times. Other data showed a Telegram account linked to Lighthouse, which claimed to have the ability to send up to 200,000 text messages a day to phone numbers in the Asia-Pacific region.
More Google coverage
- New Google Search AI Mode is ‘Total Reimagining,’ Says CEO Sundar Pichai
- In Major Ruling, Judge Finds Google ‘Willfully Acquired and Maintained Monopoly Power’ Over Digital Ad Market
- Google’s Big Bet on Nuclear Energy: ‘The Race to Power AI-Driven Data Centers is Accelerating’
- Computer History Museum Releases Original AlexNet Code: Why It Matters
Google is upping its security
With this huge capability to generate fake websites and emails, Google is playing a losing game in taking down each website and reporting each email or SMS as spam.
It has stepped up its use of AI to reduce the amount of scam messages Android users see, alongside similar security and recognition improvements for Gmail. However, it may not be enough to stop the rising tide of phishing attacks without government assistance.
That is why Google has also been pushing for more users to adopt passkeys, warning that passwords can no longer guarantee safety. Passkeys, which require a user to sign in with a fingerprint, Face ID, or another device, provide an additional layer of security. Google also continues to promote two-factor authentication as a critical security layer for users who rely solely on passwords.
Android is rolling out on-device AI that flags scam calls, texts, and sideloaded apps before they land, detailed in Android’s new AI scam protections.