Three men were arrested after Toronto police say an “SMS blaster” spoofed a cellular tower to deliver phishing texts and disrupt emergency connectivity.
Canadian authorities have arrested three men after finding an “SMS blaster” device used to spoof a cellular tower and push phishing SMS messages to phones in downtown Toronto.
The arrests. reported by Misryoum. point to a growing cybersecurity threat that doesn’t rely on phone numbers or accounts—only proximity.. With the right signal trick. the device forces nearby phones to connect. then uses that connection to deliver fraudulent texts that look like they’re coming from trusted institutions like banks or government services.
What an “SMS blaster” actually does
An SMS blaster mimics a legitimate base station by emitting signals that resemble real cellular network infrastructure. When phones detect those signals, they can automatically attach to the rogue tower because the signal strength appears stronger than the carrier’s.
Once the connection is established, the operators can transmit SMS messages that appear authentic to users.. Those messages often steer recipients toward links that lead to fake websites created to harvest personal data—especially banking credentials and passwords.. Misryoum notes that the scale is a key part of why these setups are so dangerous: in crowded areas. many devices can fall under the device’s radio range at once.
A Toronto operation that moved across the region
Misryoum reports that Toronto Police said the investigation. dubbed ‘Project Lighthouse. ’ began in November 2025 after tips about suspicious activity in the city’s downtown core.. Investigators concluded that the equipment was operated from vehicles. allowing the operation to shift across the Greater Toronto Area and target more people over time.
Police also said they carried out searches in Markham and Hamilton on March 31, seizing multiple SMS blasters and other electronic equipment. Two suspects were arrested, while a third man turned himself in on April 21.
Behind the headlines, there’s an important operational detail: vehicles make these attacks harder to pin down. A stationary device can be investigated and located more quickly; a mobile setup can distribute exposure across neighborhoods and complicate how responders correlate incidents.
The real-world risks go beyond phishing
Misryoum understands that the impact isn’t limited to scam texts and fake login pages.. The police described another serious consequence of rogue tower activity: phones that connect to these devices can be temporarily disconnected from their legitimate network.. That matters because it can affect basic connectivity, including access to emergency services when people need them most.
That risk changes how the public should think about SMS.. Messaging may feel like a simple. everyday tool. but in these scenarios it becomes an insecure channel—one that can be abused when a device’s network attachment is manipulated.. If your phone can be made to “trust” the wrong tower. then the messages can look correct even when the sender is not.
How people can reduce exposure
Misryoum reports that authorities recommended specific defensive steps.. One suggestion for Android users is disabling 2G downgrades, a change intended to reduce certain kinds of fallback behavior.. However. Misryoum emphasizes that this measure isn’t a universal shield—more advanced setups targeting LTE/5G signaling may still work.
More broadly, Misryoum advises treating SMS as unsafe for sensitive actions.. The safest habit is simple: don’t follow links received over SMS. especially when the message urges immediate action or asks for credentials.. For anything involving passwords. account takeovers. or financial details. the recommendation is to use end-to-end encrypted channels rather than relying on SMS.
There’s also a practical question many people don’t think about until something goes wrong: “Did my phone connect to the real network?” When rogue tower behavior is possible, the answer can’t be assumed just because the text looks convincing.
Why this case signals a wider problem for mobile security
Misryoum views this arrest as more than a single local incident.. Rogue cellular infrastructure attacks target a fundamental weak point in mobile connectivity: the trust a device places in the strongest available signal.. When attackers can spoof that trust, phishing can scale quickly in dense settings without traditional fraud infrastructure like phone-number lists.
The police described an enormous number of “mobile network entrapment” cases during the device’s operation. Even without focusing on any single figure, the takeaway is clear—these attacks can affect large groups fast, and they can do it while remaining difficult to detect.
As mobile networks evolve, so do the ways attackers can try to intercept or manipulate traffic.. Misryoum expects more attention from both law enforcement and the security community on defenses that reduce reliance on insecure network attachments. plus better user guidance on how to respond when messages appear urgent but suspicious.