Search Results: Smishing

As the holiday shopping season approaches, Chinese-based phishing groups are launching sophisticated SMS attacks that not only steal payment card information but also convert it into mobile wallets, creating a double threat for unsuspecting consumers.

Google is invoking U.S. racketeering law against an alleged China-based smishing network it says compromised data tied to up to 100 million credit cards. Beyond the headline, this is an aggressive test of how far platforms can go to weaponize civil litigation against phishing-as-a-service operations—and a signal that the security playbook is shifting.

Google’s lawsuit against the Chinese-run ‘Lighthouse’ platform marks a pivotal escalation in the war against phishing-as-a-service, targeting the infrastructure behind massive USPS and E‑ZPass toll scams. Beyond the headlines, this clash exposes how modern fraud kits weaponize cloud, messaging, and brand trust at industrial scale—and what security teams must learn from it.

Google’s new lawsuit against the Chinese-run ‘Lighthouse’ platform marks one of the most aggressive legal strikes yet against phishing-as-a-service infrastructure powering global toll and delivery scams. Beyond brand protection, it signals a maturing strategy: treat criminal PhaaS ecosystems like transnational enterprises—and dismantle them accordingly.

Google has filed a civil suit in New York against alleged operators of “Lighthouse,” a highly organized Chinese-speaking smishing-as-a-service network linked to hundreds of thousands of phishing sites and up to 115 million stolen cards. Beyond a legal headline, this move marks a pivotal test of whether platform providers can weaponize civil courts to disrupt global, cloud-native fraud infrastructure.

Palo Alto Networks CEO Nikesh Arora warns that current identity management systems are fundamentally unprepared for the rise of AI agents accessing corporate resources. As organizations deploy autonomous AI workers, fragmented security protocols create dangerous blind spots that malicious actors are already exploiting. The solution may paradoxically lie in using AI-powered security agents to defend against rogue AI threats.