38.4k unique visitors in the last 3 days

Vietnamese Describe Methods SMS Blaster Scammers Use to Evade Detection after New Hanoi Bust

The fake base station was carried by hand and its broadcast range was reduced to make it harder to locate.

Yet another SMS blaster was identified by the Vietnamese authorities in Hanoi on November 3, resulting in the arrest of a foreign national. The device was used to send smishing messages that impersonated Vietcombank. However, some aspects of how this particular SMS blaster was used differ from the pattern previously established in Vietnam and elsewhere. The authorities shared some technical details that are not normally made public in cases like these.

One particularly impressive statistic is that the relevant radio frequency team provided enough tracking data for the authorities to find the SMS blaster only a little more than 2 hours after they were alerted to scam messages being sent in Hanoi. The device was found in a suitcase which was being carried by hand through crowded parts of the city.

The broadcast range of the device had been deliberately limited to make it more difficult to locate as it was being carried around. The authorities also noted that the Tracking Area Code (TAC) broadcast by the device was frequently altered. The best network operators have learned how to track the movements of rogue base stations by recognizing the transmission of a suspicious TAC. An unnamed Vietnamese telco told VietNamNet that they have developed a ‘real time detection system’ that warns the police about where to find fake base stations.

I speculated that sophisticated criminals may now prefer to limit the range of radio transmissions from SMS blasters following the arrest in October of a Chinese man operating an SMS blaster on a London subway platform. The use of fake base stations to send fraudulent SMS messages is an adaptation that criminals have adopted in response to improved controls elsewhere in the communications ecosystem. Now some telcos have become very slick at tracking down the location of rogue base stations. The criminals will keep adapting their techniques to try to evade detection for as long as they can.

Police shared one photograph of the suitcase and the equipment inside. The image mostly shows the portable power station that supplied the SMS blaster with electricity. It has been reproduced below.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email