Ddos 
A Chinese student has been sentenced to over a year in prison by Inner London Crown Court for orchestrating a mobile SMS-based phishing (smishing) campaign using a covert “SMS Blaster” system hidden in his car.
The arrest and conviction followed an intensive investigation by the Dedicated Card and Payment Crime Unit (DCPCU)—a specialized UK police unit funded by the banking industry—and was supported by a coalition of mobile network operators, cyber security experts, and regulators.
“Criminals are sophisticated and will continuously make attempts to bypass fraud prevention measures designed to protect consumers,” said Paul Curtis, Detective Chief Inspector of the DCPCU. “It’s important to stay alert to potential fraudulent messages.”
Between March 22 and 27, 2025, Xiong drove through Greater London in a black Honda CR-V with an SMS Blaster concealed in the boot. This device acted as a rogue cell tower, mimicking legitimate network signals to trick mobile phones into connecting.
Once connected, the device sent spoofed SMS messages to nearby mobile devices. These texts impersonated trusted organizations—like government bodies—and contained malicious links designed to steal personal and financial information from unsuspecting victims.
“The equipment was programmed to send out SMS messages… designed to look like trustworthy messages from genuine organisations,” the release noted.
Officers from the DCPCU worked alongside major telecom providers—BT, Virgin Media O2, Vodafone, Three, and Sky—as well as the National Cyber Security Centre (NCSC) and Ofcom, the UK’s communications regulator.
The conviction underscores the continued threat of smishing in the UK, which remains the country’s most common form of crime.
“Over the previous two years, Virgin Media O2 has blocked more than 168 million fraudulent texts… and we’re flagging more than 50 million suspected scam calls each month,” said Murray Mackenzie, Director of Fraud Prevention at Virgin Media O2.
But despite these measures, criminals are constantly innovating. The DCPCU confirmed that seven people have been arrested and seven SMS Blasters seized in related investigations.
The public is urged to remain vigilant and report suspicious messages by forwarding them to 7726 (a free anti-spam service) or using the report function in their messaging app.
UK Finance reiterates the core principles of the Take Five to Stop Fraud campaign:
- Take a moment to stop and think before parting with your money or information. It could keep you safe.
- Ask yourself, could it be fake? It’s ok to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.
- Don’t click on links or open attachments in unsolicited SMS or emails, even if it appears to be from a company you know.
- Get a second opinion from someone you trust about what you’ve received.
- Be cautious of any ‘too good to be true’ offers.
Related Posts:
- Panda Shop Smishing Syndicate: China-Backed Cybercrime-as-a-Service Hits Millions Globally
- Cyber Alert: Smishing Triad Gang’s Fake UAE Authority SMS Scam
- Smishing Triad Targets Pakistan with Large-Scale Banking Scam
- CVE-2024-22036 (CVSS 9.1): Critical RCE Vulnerability Discovered in SUSE Rancher
- Smishing Triad: eCrime Group Targets 121+ Countries with Advanced Smishing
Donate