New ‘SMS blaster’ text scams are on the rise, security experts warn – stay safe by changing this one phone setting

News
By published

New breed of SMS scam bypasses cell towers to reach your phone

Two hands holding a phone in red lighting showing a scam text message
(Image credit: Shutterstock / tete_escape)
Jump to:
  • SMS blaster scams are on the rise and they're difficult to detect
  • These scams involve cybercriminals driving around cities and targeting nearby phones with fake cell towers
  • There are a few simple ways to protect yourself from these scams

The term 'SMS blaster' is still unknown to many, but these devices are increasingly popular weapons used by cybercriminals – and your phone might be the target.

These small devices can be used to target hundreds of phones at a time, and they've been caught sending as many as 100,000 text messages per hour. The worst part is that you may not even notice if you were targeted by an SMS blaster attack.

Fortunately, you can protect yourself from these attacks with one simple setting on Android. iPhone users are less fortunate, but there are ways to stay safe regardless of which smartphone you're using.

How do SMS blaster scams work?

The term 'SMS blaster' refers to small, portable devices that scammers can fit in the trunk of a car or even in a backpack.

These devices mimic cell towers and trick phones into connecting by broadcasting a fake signal, and then use that opening to send out hundreds, or even thousands, of phishing texts (a practice known as 'smishing').

An illustration of a man wearing a backpack carrying out an SMS blaster scam on unsuspecting strangers

(Image credit: Google)

In reality, an SMS blaster is a fairly unassuming device, and those who are found with them are often hired by cybercriminals for the sole purpose of driving around certain areas. As security company Sekoia (via Ars Technica) recently reported, scammers have also been exploiting unsecured cellular routers that are typically used in industrial settings to fire out phishing messages.

As described by Wired, so-called SMS blasters force unsafe connections by creating an illegitimate phone mast, referred to as a cell-site simulator (CSS). Phones caught in its radius – which can be up to 1,000 meters (328 feet) according to the Swiss National Cybersecurity Centre (NCSC) – are vulnerable to SMS scams.

An SMS broadcasting machine on a green and blue background

An example of the kind of SMS broadcasting machine (in this case, the Hitech Terminal Maxy Fourfold SMS broadcaster 4G LTE & 5G NSA) that can theoretically be used nefariously to send SMS texts to mobile phones. (Image credit: SMS Broadcaster)

The device initially connects to nearby phones by sending out a 4G signal. Then, it pushes them to downgrade to 2G, which is much less secure.

"The 2G fake base station is then used to send (blast) malicious SMSes to the mobile phones initially captured by the 4G false base station," Cathal McDaid, VP of technology and telecommunication at Enea, told Wired. The whole process, from the initial connection to sending out a text, can take less than 10 seconds.

The actual messages often contain phishing links, and they're not blocked by network operators. No matter the carrier and no matter if you use an older phone or one of the best smartphones, you might be vulnerable to SMS blaster attacks.

The worst part about these scams is that the cybercriminals don't even need to know your phone number.

SMS blaster attacks are increasingly common

Wired reports that these scams originate from Southeast Asian countries, but they're now increasingly common worldwide.

Just a few months ago, a man in the UK was jailed for more than a year for using an SMS blaster in the boot of his car (via The Guardian). He drove around London for a few days in March 2025, and the texts he sent out reached thousands of potential victims. Ironically, as the authorities came to arrest him, they received a text claiming to be from HM Revenue and Customs – the result of the phishing device.

Close up of a business person using a smartphone.

(Image credit: Pixabay)

With that said, this tech is still relatively new, and mobile networks are helpless when it comes to stopping them. "None of our security controls apply to the messages that phones receive from them," Anton Reynaldo Bonifacio, the chief information security officer and chief AI officer at Globe Telecom, told Wired.

SMS blasters are being sold online for thousands of dollars, which, for a group of cybercriminals, is not much of an obstacle. So far, there have been reports of SMS blaster scams from many countries, including New Zealand, Brazil, Vietnam, Thailand, Japan, and the UK.

How to protect yourself

If you have an Android phone running Android 16 or newer, you can disable 2G connectivity on your device.

To turn off 2G connectivity, look for the "2G network protection" toggle in your Mobile Network or SIM Settings. This can typically be found in Settings > Network & Internet > SIMs, where you can find an 'Allow 2G' toggle (see below).

On Samsung phones, look for a similar setting in Settings > Connections > Mobile Networks, where there should be an 'Allow 2G service' toggle. Beyond that, Android 16 also introduced a change that flags fake cell towers and alerts you about them.

An Android phone on a green and blue background showing the 2G toggle setting

(Image credit: Google)

Apple doesn't have an exact equivalent to this, making it a bit harder to avoid 2G networks – but not entirely impossible. The iPhone's Lockdown Mode (below, available on iOS 16 or later) disables 2G connections, but you'll also lose many other features alongside that, so regular use isn't really recommended.

To find it on your iPhone, go to Settings > Privacy & Security, then tap on Lockdown Mode. This option is also available on iPads using the same process.

Two iPhones on a green and blue background showing Lockdown mode in the settings

(Image credit: Apple)

No matter if you use Android or iOS, the broader advice on avoiding SMS scams is the same regardless of source.

Be particularly wary of texts that ask you make a payment – for example, a toll fee. Other favorites among fraudsters are texts about deliveries, late payments, or refunds, so never follow these messages without investigating them first.

There are some other tell-tale signs. Scam texts frequently feature grammatical errors or inconsistencies with formatting. Pause for a moment and take a closer look at any URLs too, as they'll often contain oddities or giveaways.

Naturally, you should also only sign into your banking app or delivery service directly from your own address book or bookmarks (or by manually typing it into a browser), rather than clicking on any links in text messages.

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course, you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

You might also like

See more Computing News
Monica J. White
Monica J. White
Contributing Writer

Monica is a tech journalist with over a decade of experience. She writes about the latest developments in computing, which means anything from computer chips made out of paper to cutting-edge desktop processors.

GPUs are her main area of interest, and nothing thrills her quite like that time every couple of years when new graphics cards hit the market.

She built her first PC nearly 20 years ago, and dozens of builds later, she’s always planning out her next build (or helping her friends with theirs). During her career, Monica has written for many tech-centric outlets, including Digital Trends, SlashGear, WePC, and Tom’s Hardware.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.