
In somewhat of a first for the United Kingdom, Police in the City of London area last week reported that they had arrested two men in connection with the investigation of an “illegitimate telephone mast” and antenna, which is believed to have been set up for the purpose of acting as an “SMS blaster”.
For the uninitiated, Smishing (aka SMS Phishing) describes a text message that attempts to trick people into divulging personal information. Smishing texts are often designed to look authentic and may even appear in a chain of texts alongside genuine messages, but despite this such messages will contain links to fake websites or dodgy phone numbers (follow these and you’ll end up giving away sensitive personal data to fraudsters).
In this case, the “mast” in question is believed to have been used to send “thousands of smishing messages”, posing as banks and other official organisations, to members of the public. The approach taken was unique in that it was designed to “bypass mobile phone networks’ systems in place to block suspicious text messages.”
We’re just speculating, but it sounds like a type of attack that may have only been able to target those who passed within range of the mounted antenna, although the exact means of how they set this all up has naturally not been disclosed.
David Vint, Temporary Detective Chief Inspector and Head of the Dedicated Card and Payment Crime Unit (DCPCU), said:
“The criminals committing these types of crimes are only getting smarter, working in more complex ways to trick unknowing members of the public and steal whatever they can get their hands on. It is vital we work with partners to help prevent the public from falling victim to fraud.
Remember, a bank or another official authority will not ask you to share personal information over text or phone. If you think you have received a fraudulent text message, report it by forwarding it to 7726.”
In this case a combined effort by the police, mobile operators, Ofcom and the National Cyber Security Centre (NCSC) ultimately resulted in an arrest on 9th May in Manchester and another one on 23rd May in London. As a result, Huayong Xu, 32, of Alton Road, Croydon was charged on 23rd May with possession of articles for use in fraud and was remanded in custody. He will appear at Inner London Crown Court on 26th June 2024. The other arrested person has been bailed.
Impossible to know without confirmation, but it was likely using a downgrade attack which forces phones to connect to it using a less secure 2G or 3G signal. This is why it’s important that phones come with an option in the settings to disable connecting to any 2G or 3G signal.
Why would you need a mast for this? If you wanted to act like a stingray, sure. But to send SMS messages? I might be being stupid (high probability) but I don’t understand the need for a ‘mast’ in this scenario.
Pure speculation: modus operandi of the crims and the standard call and text logging capabilities of the legitimate towers.
Presumably the crims operate on short-term, high volume operation (Capture one in 100 principle), “Shoot and scoot”.
If a legitimate cell tower log software suddenly sees large volumes of texts being issued by a single phone or mobile comms device, when there was nothing there before and none of them are business accounts, then that’s a giveaway.
Secondly, if they are using a business account(s) then, presumably, there would be a contract requirement for the provision of a notification to the service provider of the likely volumes to be used, so that the cell Tx/Rx could be rigged accordingly. Suspicion would arise if the provider logs suddenly recorded high volume use which was stressing the legitimate tower and there was no notification on record.
Thirdly, if the high volume users were switching locations frequently, to be one step ahead of neighbours’ complaints to providers about network tower signals being unavailable through high local use, then, on occasion, they’d have to move between different towers and their acquisition zones. The legitimate tower logging software might spot that, even if they used kit with different IMSIs.
Whilst setting up your own tower may avoid being detected by the above techniques, setting up your own tower risks being detected by the surveillance activities of the network providers (who may be able to detect localised signal deprecation other than natural causes), Law and Order and National Security.
IMSI catcher, unfortunately it can be built at home or you can buy it on the internet. I don’t know how they improved it, but in the past mobile phones were able to detect it and display information about it.
This kind of attack is probably happening all the time in airports, high streets etc., in the back of a Mercedes 3.5 ton Sprinter. We rely on 2G and 3G for active voice calls or to keep a good reliable GSM signal at the ready, so that answers what someone posted in regards to setting phones to bypass and use 4G and 5G. I would just make sure I use data only, like WhatsApp or Signal; that way we would know for sure we have not contacted anything via GSM 2G or 3G!
This isn’t an issue unless you were connected to the WiFi point on the tadpole.
More available than you think, and kit can get into the wrong hands.
https://sls.eff.org/technologies/cell-site-simulators-imsi-catchers
Man in the middle and broadcast obviously avoids provider filters.
WiFi not immune. Common hotspots can be cloned and phones on auto join will connect in preference.
Need to control what your device connects to and treat incoming with suspicion.