Fake Cell Towers Hijacked Tens of Thousands of Phones in Toronto—Three Men Face 44 Charges

How SMS Blasters Work

An SMS blaster is a portable device that impersonates a legitimate cellular base station. When a phone comes within range, the blaster tricks it into disconnecting from the real network and connecting to the fake one instead. Once connected, the device can push text messages directly to the phone, bypassing the carrier's network entirely.

The messages appear to come from trusted organizations: banks, government agencies, delivery services. Each contains a link to a fraudulent website designed to harvest login credentials, banking information, or personal data. Because the messages arrive through what appears to be a normal cellular connection, they bypass the spam filters and fraud detection systems that carriers apply to messages flowing through their own networks.

This technique, sometimes called smishing when delivered via SMS, is significantly harder to detect than email phishing because mobile devices offer fewer visual cues about message authenticity.

13 Million Network Disruptions

The scale of the operation was massive. Police reported that tens of thousands of mobile phones connected to the rogue devices over several months, and Telus, one of Canada's major carriers, identified more than 13 million network disruptions caused by the SMS blasters.

Each disruption represents a moment when someone's phone was pulled off the legitimate network. During that window, which could last from seconds to several minutes, the victim's phone could not make normal calls or send texts through their carrier. More critically, some victims may have been unable to reach emergency services like 911.

The safety implications go beyond fraud. Any device that can disrupt cellular connectivity at scale poses a risk to public safety infrastructure.

A Growing Global Threat

While this is the first criminal case involving SMS blasters in Canada, the technology has been documented in other countries. Law enforcement in the UK, China, and several Southeast Asian nations have encountered similar devices used for mass phishing and advertising spam.

The devices themselves are relatively inexpensive and can be built from commercially available software defined radio components. What makes them dangerous is that they exploit a fundamental weakness in cellular networks: phones will automatically connect to the strongest signal, regardless of whether it comes from a legitimate tower or a malicious one.

Modern 5G networks include stronger authentication mechanisms that make SMS blaster attacks more difficult, but most devices still maintain backward compatibility with older 2G and 3G protocols that lack these protections. Attackers can force a phone to downgrade its connection, bypassing 5G security entirely.

From Email Phishing to Physical Phishing Infrastructure

SMS blasters represent an evolution in phishing tactics. Traditional phishing relies on email or web based delivery, where carriers and email providers can apply filters and block known malicious domains. The FBI reported $17.6 billion in cyber fraud losses in 2025, with phishing as a primary vector.

SMS blasters bypass all of that. The phishing messages never touch the carrier's network, so there is nothing for the carrier to filter. The attacker physically drives to a high density area, powers on the device, and reaches every phone within range. It is the phishing equivalent of going door to door instead of sending mail.

This is particularly concerning for organizations that rely on SMS for two factor authentication or account verification. If an attacker can push phishing messages that appear to come from a bank while simultaneously intercepting the victim's real SMS messages, they can capture both the credential and the verification code in a single attack.

How to Protect Yourself

Defending against SMS blaster attacks requires a different approach than traditional phishing defense:

• Never click links in text messages from banks or government agencies. Navigate directly to the organization's website or app instead.
• Switch from SMS based 2FA to app based authenticators. TOTP apps like Google Authenticator or Authy generate codes locally and cannot be intercepted by fake cell towers.
• Watch for network disruptions. If your phone suddenly loses signal in an area with normally strong coverage, it could indicate an SMS blaster operating nearby.
• Report suspicious texts. In Canada, forward suspicious messages to 7726 (SPAM). In the US, report to the FTC.
• Keep your phone's OS updated. Recent Android and iOS updates include improved detection of rogue base stations.

What Comes Next

The three suspects face charges including fraud, mischief, and unauthorized use of radio frequency equipment. The investigation remains ongoing, and police have not ruled out additional arrests.

For carriers and regulators, the Toronto case is a warning. The technology to build SMS blasters is accessible, the attacks are effective, and the existing cellular infrastructure is vulnerable. Until carriers deploy stronger network authentication at scale, SMS blasters will remain a viable tool for criminals willing to operate in physical proximity to their victims.