Tomcat
Professional
- Messages
- 2,689
- Reaction score
- 917
- Points
- 113
The criminals built a makeshift antenna for a large-scale campaign, but somewhere they miscalculated...
British law enforcement officers have managed to uncover an unprecedented Internet fraud scheme in which attackers used a makeshift phone tower for a massive phishing operation. Two suspects have already been arrested.
According to the City of London police, the seized tower was a makeshift mobile antenna, code-named "SMS cannon". This is the first device of its kind in the UK, specifically designed to distribute huge quantities of malicious material. At the same time, the attackers somehow bypassed the operators ' protection systems against SMS phishing or "smishing".
The criminals posed as banks, government agencies, and other official organizations. Under a seemingly reliable cover, they tried to extort personal data, passwords, and payment details from recipients.
"Cybercriminals are coming up with increasingly sophisticated schemes, using sophisticated tricks to deceive citizens and steal valuables," said David Vint, interim head of the Cybercrime Division. — It is extremely important to join forces with partners to prevent new cases of fraud.
Vint reminded that neither banks nor government agencies ever request confidential information from customers by text message or phone: "If you receive a suspicious message, report it by sending it to the number 7726."
Most of the UK operators are involved in a system that allows subscribers to send spam messages to this number for verification. After that, providers can block the sender. For example, the local operator EE has already blocked tens of millions of fraudulent SMS messages after strengthening anti-spam filters in 2021. Moreover, new customers can verify their identity at EE retail stores, which minimizes the risk of spam being sent from their accounts.
Huayong Xu, 32, from Croydon, was arrested on May 23 on charges of possessing additional infrastructure for fraudulent campaigns. He is scheduled to appear in court on June 26. The second detainee was arrested on May 9 in Manchester, but later released on bail. The identity of this person is not disclosed.
The investigation is being conducted jointly with telecom operators, the regulator Ofcom and the National Cyber Security Center. Ofcom stressed that phone fraud causes serious damage to victims, so the regulator works closely with law enforcement officers and other industry representatives to solve the problem.
According to unconfirmed reports, SMS guns can be IMSI interceptors - devices for secretly intercepting cellular traffic, usually used by special services. In the hands of attackers, they are able to break into the protective mechanisms of phones and bypass anti-spam filters for sending phishing messages. However, there is no official confirmation of this version yet.
In recent years, the United States has been repeatedly criticized for abusing IMSI interceptors and using them in violation of federal regulations. In 2017, the British authorities tried to use these devices to block communication in prisons. However, the prisoners quickly became suspicious when they noticed that wrapping the devices in foil blocked the work of the interceptors. Representatives of law enforcement agencies were forced to admit the failure of the tests.
British law enforcement officers have managed to uncover an unprecedented Internet fraud scheme in which attackers used a makeshift phone tower for a massive phishing operation. Two suspects have already been arrested.
According to the City of London police, the seized tower was a makeshift mobile antenna, code-named "SMS cannon". This is the first device of its kind in the UK, specifically designed to distribute huge quantities of malicious material. At the same time, the attackers somehow bypassed the operators ' protection systems against SMS phishing or "smishing".
The criminals posed as banks, government agencies, and other official organizations. Under a seemingly reliable cover, they tried to extort personal data, passwords, and payment details from recipients.
"Cybercriminals are coming up with increasingly sophisticated schemes, using sophisticated tricks to deceive citizens and steal valuables," said David Vint, interim head of the Cybercrime Division. — It is extremely important to join forces with partners to prevent new cases of fraud.
Vint reminded that neither banks nor government agencies ever request confidential information from customers by text message or phone: "If you receive a suspicious message, report it by sending it to the number 7726."
Most of the UK operators are involved in a system that allows subscribers to send spam messages to this number for verification. After that, providers can block the sender. For example, the local operator EE has already blocked tens of millions of fraudulent SMS messages after strengthening anti-spam filters in 2021. Moreover, new customers can verify their identity at EE retail stores, which minimizes the risk of spam being sent from their accounts.
Huayong Xu, 32, from Croydon, was arrested on May 23 on charges of possessing additional infrastructure for fraudulent campaigns. He is scheduled to appear in court on June 26. The second detainee was arrested on May 9 in Manchester, but later released on bail. The identity of this person is not disclosed.
The investigation is being conducted jointly with telecom operators, the regulator Ofcom and the National Cyber Security Center. Ofcom stressed that phone fraud causes serious damage to victims, so the regulator works closely with law enforcement officers and other industry representatives to solve the problem.
According to unconfirmed reports, SMS guns can be IMSI interceptors - devices for secretly intercepting cellular traffic, usually used by special services. In the hands of attackers, they are able to break into the protective mechanisms of phones and bypass anti-spam filters for sending phishing messages. However, there is no official confirmation of this version yet.
In recent years, the United States has been repeatedly criticized for abusing IMSI interceptors and using them in violation of federal regulations. In 2017, the British authorities tried to use these devices to block communication in prisons. However, the prisoners quickly became suspicious when they noticed that wrapping the devices in foil blocked the work of the interceptors. Representatives of law enforcement agencies were forced to admit the failure of the tests.
