Two individuals were recently arrested in the UK in relation to a massive smishing campaign facilitated by an illegal homemade phone antenna.
The suspects, detained last month in Manchester and London, are accused of weaponizing a homemade mobile antenna to send thousands of rogue SMS texts to unsuspecting recipients.
The two accused crafted phishing messages mimicking various legitimate entities, including banks and other companies. Mobile phone networks typically employ protection mechanisms to prevent suspicious text messages.
However, the homemade SMS blaster let the threat actors bypass these restrictions and orchestrate a large-scale smishing campaign.
Companies frequently use SMS blasters to create and manage SMS delivery campaigns, allowing the quick delivery of information to numerous recipients. However, recipients must consent before receiving text messages, notifications, and other similar forms of communication from companies.
SMS blasting without this consent is illegal, even more so when the messages are maliciously crafted to defraud victims, mislead, or aid in spreading malware or other ill-natured content.
The investigation involved cooperation between the Dedicated Card and Payment Crime Unit (DCPCU), the National Cyber Security Centre (NCSC), and various mobile network operators.
“In what is thought to be the first of its kind in the UK, an illegitimate telephone mast is believed to have been used as an ‘SMS blaster’ to send messages that bypass mobile phone networks’ systems in place to block suspicious text messages,” reads the City of London Police’s press release.
One individual was arrested in Manchester on May 9, and another in London on May 23. 32-year-old Huayong Xu was charged on May 23 with possession of articles for use in fraud and was held in custody. He is scheduled to appear at Inner London Crown Court on June 26. The other person arrested was released on bail.
Text/SMS scams are increasingly common and significant vectors in the cyber threat landscape. While these scams were once easily identifiable and avoidable, artificial intelligence and other similar technologies have made them more deceptive. These advances allow threat actors to better disguise their schemes, tricking more individuals into falling for their traps.
Dedicated solutions like Scamio can help you dodge scams by providing a quick, convenient way to detect them. You can use it to check the legitimacy of text messages, emails, URLs, images, QR codes, and other online requests by sending suspicious content for a quick analysis.
Scamio can be used for free on WhatsApp, Facebook Messenger, or any web browser. Currently, Scamio is available for users in France, Germany, Spain, Italy, Romania, Australia, and the UK.
tags
Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.
View all postsNovember 14, 2024
September 06, 2024