Google has filed a lawsuit against a China-based criminal organization known as “Lighthouse,” alleging it operates a sophisticated online scam network targeting victims globally.
Google has taken decisive action against online scammers by filing a lawsuit in the U.S. District Court for the Southern District of New York. The lawsuit targets a sprawling criminal organization based in China, referred to as “Lighthouse,” which allegedly provides software and support to fraudsters engaged in various cybercrimes.
The Lighthouse operation is characterized as a large-scale, organized cybercrime network that reportedly operates on a global scale. According to the lawsuit, Lighthouse offers a phishing toolkit that enables extensive SMS, RCS, and iMessage campaigns, equipping its customers with ready-made templates designed for mass fraud.
While the identities and locations of the defendants remain largely unknown, the case highlights the increasing sophistication of cybercrime in 2025. This operation exemplifies a blend of automation, social engineering, and global distribution, raising concerns about the evolving landscape of online fraud. Legal proceedings are currently ongoing, and the final outcomes, including potential convictions or restitution, are yet to be determined.
The lawsuit alleges that the Lighthouse network operates a “Phishing-as-a-Service” (PhaaS) model, selling a software kit that includes hundreds of fake website templates aimed at would-be scammers. Google’s complaint indicates that nearly 200 of these templates have been designed to mimic legitimate U.S.-based sites, including the official website of New York City, the U.S. Postal Service, and the West Virginia Department of Motor Vehicles.
PhaaS is a criminal business model where cybercriminals provide tools, templates, and infrastructure to facilitate phishing attacks, even for those lacking technical expertise. Subscribers gain access to pre-made fake websites, email or SMS templates, and automated systems designed to steal login credentials, banking information, or personal data.
Some PhaaS platforms also offer ongoing support, updates to evade security filters, and various profit-sharing or subscription models. By industrializing phishing, PhaaS significantly lowers the barrier to entry, enabling large-scale, organized scams that can target millions of victims worldwide.
The Lighthouse network has allegedly targeted victims in over 120 countries, swindling millions of dollars annually. Screenshots included in the complaint reveal that the network has misused logos from several well-known payment, credit card, and social media companies to enhance the credibility of its fraudulent schemes.
Interestingly, Google does not know the actual identities of the individuals it is suing. The lawsuit refers to the defendants as “Does 1-25,” a legal strategy that allows the case to proceed without named defendants. This approach is common when the actual perpetrators are unknown, enabling legal action to commence while investigators work to uncover the identities of the alleged criminals.
Through the discovery process, Google can request records from third parties, including domain registrars, hosting providers, and messaging platforms, to trace IP addresses, account activity, and other evidence that may lead to the identification of those behind the Lighthouse operation.
Courts typically allow this method if the plaintiff demonstrates that the unknown defendants have caused harm and that their identities are likely discoverable. In cases of cybercrime like phishing-as-a-service, where operators often utilize pseudonyms, encrypted communications, and offshore infrastructure, the use of John Doe designations enables legal action to begin without waiting for the perpetrators to be identified. This expedites efforts to disrupt the criminal operation.
Halimah DeLaine Prado, Google’s general counsel, noted that over 100 of the templates used to create fake websites have included the company’s logos in areas where users are directed to sign in or make payments, thereby creating a false sense of legitimacy. “We are a global company. This hits all of our users,” she stated. “We’re concerned about the damage to user trust and not knowing what websites are safe.”
DeLaine Prado refrained from providing a specific dollar figure regarding the damage to Google, describing it as “a bit immeasurable.” However, she emphasized the extensive reach of the organization, highlighting that Lighthouse’s operations encompass fake websites, email and SMS campaigns, and automated systems that impersonate trusted organizations, including U.S.-based entities like the Postal Service, New York City government, and the DMV, as well as banks, payment platforms, and social media companies.
The scale and automation of the Lighthouse network—comprising tens of thousands of fraudulent websites and campaigns—illustrate the industrialization of phishing, allowing organized criminals to efficiently reach millions of potential victims. Legal actions, such as Google’s 2025 lawsuit, aim to disrupt the Lighthouse operation, although many of the individuals behind it remain unidentified.
Source: Original article