A 23 year old man was arrested by the Hong Kong Police on February 17, accused of using a false base station to send SMS messages that impersonated government departments and well-known businesses. The police had received 28 complaints since February 11 about suspicious messages sent using an SMS blaster, which is estimated to have sent more than 10,000 SMS messages in total. This is reportedly the first time that Hong Kong Police have arrested someone using an SMS blaster.
The methods used by the fraudster are consistent with the techniques used by smishers with SMS blasters in other countries. The SMS blaster was found in the back of a rented Mercedes-Benz van that was stopped in Mong Kok, one of the busiest shopping districts of Hong Kong. Phones within range of the SMS blaster had their network connections downgraded to 2G prior to receiving an SMS. Messages sent using the SMS blaster contained hyperlinks to websites that were created to phish the personal information of victims. Despite the speedy response of the police, one victim had already lost HKD22,000 (USD2,800) as a consequence of supplying his credit card details to a phishing website.
However, one difference in this case is that the driver of the van carrying the SMS blaster has not been arrested. The driver is a member of an association of light truck drivers. He was hired by the arrested man and told to spend the day driving around the Yau Tsim Mong region, a densely-populated part of Kowloon. The peculiar request prompted the driver to contact his union representative for advice. However, the union representative told him it was alright to continue. The vehicle was eventually stopped by police around 5pm, and the driver was released after giving his account of the day’s events with the support of a union leader. Other professional drivers have since been warned about accepting jobs that involve circling the city with mysterious electronic equipment.
Hong Kong has an SMS Sender ID registry that stops A2P SMS messages which impersonate reputable organizations. The registry dates back to 2023, making Hong Kong a relatively early adopter of this kind of control, which is being replicated by a growing number of countries worldwide. However, controls on A2P communications are rendered irrelevant by SMS blasters, which are radio devices that bypass all genuine phone networks by connecting to a mobile phone directly. The fraudster in this case intentionally exploited Hong Kong’s process for registering Sender IDs to make his messages appear authentic. All registered Sender IDs in Hong Kong begin with the ‘#’ symbol, so the fraudster also copied this symbol when reproducing the Sender IDs of well-known organizations like digital payment platform Alipay and delivery firm SF Express.
Sender ID registries are a good idea but it is inevitable that fraudsters will search for ways to work around every barrier put in their way. Whilst it is important that controls be executed over bulk communication services to prevent them being co-opted by scammers, it is equally important to recognize that fraudsters will adapt their techniques in order to keep finding new victims for their crimes. There has been a clear rise in global reports of criminals caught using radio devices such as false base stations and simboxes to make calls and send messages. Telcos cannot stop this kind of criminal activity. More proactive policing is needed than simply trying to identify and block scam communications. Law enforcement needs to target the use of radio devices by criminals. Legislators need to toughen laws controlling the advertising, import and licensing of radio devices that are rarely used for anything but crime.
Look below for police photographs of the SMS blaster and the vehicle that carried it.






