Cybercriminals Have a Weird New Way to Target You With Scam Texts

Cybercriminals have a new way of sending millions of scam text messages to people. Typically when fraudsters send waves of phishing messages to phones—such as toll or delivery scams—they may use a huge list of phone numbers and automate the sending of messages. But as phone companies and telecom services have rolled out more tools to detect scams in texts, criminals have started driving around cities with fake cell phone towers that send messages directly to nearby phones.

Over the last year, there has been a marked uptick in the use of so-called “SMS blasters” by scammers, with cops in multiple countries detecting and arresting people using the equipment. SMS blasters are small devices, which have been found in the back of criminals’ cars and sometimes backpacks, that impersonate cell phone towers and force phones into using insecure connections. They then push the scam messages, which contain links to fraudulent websites, to the connected phones.

While not a new type of technology, the use of SMS blasters in scamming was originally detected in Southeast Asian countries and has increasingly spread to Europe and South America—just last week, Switzerland’s National Cybersecurity Centre issued a warning about SMS blasters. The devices are capable of sending huge volumes of scam texts indiscriminately. The Swiss agency said some blasters are able to send messages to all phones in a radius of 1,000 meters, while reports about an incident in Bangkok say a blaster was used to send around 100,000 SMS messages per hour.

“This is essentially the first time that we have seen large-scale use of mobile radio-transmitting devices by criminal groups,” says Cathal Mc Daid, VP of technology at telecommunication and cybersecurity firm Enea, who has been tracking the use of SMS blasters. “While some technical expertise would help in using these devices, those actually running the devices don’t need to be experts. This has been shown by reports of arrests of people who have been basically paid to drive around areas with SMS blasters in cars or vans.”

SMS blasters act as illegitimate phone masts, often known as cell-site simulators (CSS). The blasters are not dissimilar to so-called IMSI catchers, or “Stingrays,” which law enforcement officials have used to scoop up people’s phone data. But instead of being used for surveillance, they broadcast false signals to targeted devices.

Phones near a blaster can be forced to connect to its illegitimate 4G signals, before the blaster pushes devices to downgrade to the less secure 2G signal. “The 2G fake base station is then used to send (blast) malicious SMSes to the mobile phones initially captured by the 4G false base station,” Mc Daid says. “The whole process—4G capture, downgrade to 2G, sending of SMS and release—can take less than 10 seconds,” Mc Daid explains. It’s something people who receive the messages may not even notice.

The growth of SMS blasters comes at a time when scams are rampant. In recent years, technology firms and mobile network operators have increasingly rolled out greater protections against fraudulent text messages—from better filtering and detection of possible scam messages to blocking tens of millions of messages per month. This month, UK telecom Virgin Media O2 said it has blocked more than 600 million scam text messages during 2025, which is more than its combined totals for the last two years. Still, millions of scam messages get through, and cybercriminals are quick to try to evade detection systems.

Because blasters operate outside of traditional mobile networks, the messages they send are not subject to the security measures that have been put in place by mobile providers. “None of our security controls apply to the messages that phones receive from them,” says Anton Reynaldo Bonifacio, the chief information security officer and chief AI officer at Philippines communications firm Globe Telecom. “Once phones are connected to these fake cell sites, they can spoof any sender ID or number to send the scam message.”

Back in 2022, Globe Telecom made the decision to stop delivering SMS messages that contain URLs, and Bonifacio says he believes scammers use the blasters to “bypass” these measures. “The technology used to be more niche, but I think sales and assembly of these IMSI catcher devices have become more prevalent for criminal organizations,” he says. Researchers have found SMS blasters being sold openly online for thousands of dollars.

Samantha Kight, the head of industry security at the mobile operator industry group the GSMA, says the Asia-Pacific region has been most impacted by SMS blasters so far, but there are cases appearing in Western Europe and South America. “It might be a problem in one or two regions, but then we tend to see these things pop up in different regions,” Kight says. Reporting from Commsrisk and Risky Business, have highlighted reports of SMS blasters being used in Thailand, Vietnam, Japan, New Zealand, Qatar, Indonesia, Oman, Brazil, Hong Kong, and more in recent months. Law enforcement officials in London say they have so far seized seven SMS blasters, and in June, a student from China was sentenced to jail for more than a year after being caught using one of the devices.

Kight says that tackling SMS blasters involves telecom operators and government regulators being aware of the devices, law enforcement agencies taking actions, as well as people recognizing and reporting scam messages to the relevant authorities. “As the mobile industry, we want to be able to find these, we want people to trust what’s on their device, and we want to be able to protect them,” Kight says.

Yomna Nasser, a software engineer at Android, says people can stop their phones connecting to 2G networks in their settings. “Once enabled, your device will no longer scan for or connect to 2G cell towers,” Nasser says, adding the only exception is if an emergency call is being made and 3G, 4G and 5G are not available. Android’s Advanced Protection mode will also disable 2G automatically on some newer phones. Apple did not answer WIRED’s request for comment by the time of publication, although its Lockdown Mode will disable 2G connections.

Ultimately, you may not know if an SMS blaster is used to send you a scam. Ben Hurley, a detective sergeant with the City of London’s Dedicated Card and Payment Crime Unit, which is investigating cases locally, says that while the delivery is different, the actual scams themselves haven’t changed. Phishing messages are often designed to get you to click on a malicious link and hand over your personal information. “It’s a new way of doing the same thing,” Hurley says. “It’s changed how we have to investigate it, but actually it’s not changed the end result,” he says, adding that people should always be cautious of clicking links in unknown messages and take a moment before acting if the message feels suspicious.

As with all cybercrime, though, there is a chance that those operating the schemes and blasters could evolve their tactics. “The actual SMS blaster devices they use are relatively unsophisticated so far,” Mc Daid says, adding that the type of technology originally came from the world of governments, law enforcement, and militaries. If criminals are able to gain access to more sophisticated technology and expertise, he says, “this could be the beginning of a cat and mouse game.”