This was hugely overblown in the media... While the device operates like a stingray, they were using it to spam and phish. The whole claim of "we've never seen this type of device before in Canada" is a lie, because the government and law enforcement both use them. I guess it's okay if they do it, but nobody else can...
kevin_thibedeau 1 days ago [-]
> hugely overblown
Did they graciously forward emergency calls and text messages to the real phone network?
cucumber3732842 1 days ago [-]
The fact that they didn't get busted in no time at all seems to point strongly in that direction. With the amount invested in this operation that would just be common sense.
dnnddidiej 1 days ago [-]
Might as well start a telco at that point.
lxgr 1 days ago [-]
“Please enter your 16 digit payment card number to be connected to an emergency operator”…
echelon 1 days ago [-]
Hopefully nobody in the area was an oncall surgeon, engineer, etc.
mc32 2 days ago [-]
Yes I think they mean they hadn’t seen it used before outside of sanctioned organizations. Though one could argue some bad actors inside the org likely used it outside of official capacity though not likely with knowledge or approval by superiors.
anigbrowl 2 days ago [-]
Wouldn't it be great if public officials would say what they in fact mean the first time?
rdevilla 2 days ago [-]
Torontonians are hardwired to be incapable of speaking like this.
bigiain 2 days ago [-]
And law enforcement are trained to speak a language with sounds like english, but isn't, and which makes no sense.
(A long-ish read, but totally worth it. the "punch line" is beautiful.)
philipallstar 1 days ago [-]
Speed and brownness were involved in a jumping‑related incident with a lazy dog and a fox.
rdevilla 1 days ago [-]
Poetry.
raverbashing 1 days ago [-]
I would say Canadians but British Columbians (yes this is the actual term) are even worse
hluska 1 days ago [-]
An sms blaster was never used in fraud like this in Canada. Does that really make that big of a difference to you?
nubinetwork 17 hours ago [-]
There's a huge difference between "I like pineapple", and "I like pineapple on my pizza".
boneitis 1 days ago [-]
I don't buy it. To me, it'd be like hearing them say "we've never seen spam/scam phone call campaigns before!"
This loses all believability, given the fact that i can reliably go out of town to a different area code and immediately start getting phishing/scam/robo calls/texts from numbers of said area code. Granted, i am U.S.'ian.
tamimio 1 days ago [-]
To add, ISED literally goes around in cars to scan for non registered BTS (or even non conforming ones) and report them, sometimes (or a lot of times) they catch false positives when the interference happens to be a strong LED lol. The gov uses the tech to ID individuals however, especially in group gatherings or around certain locations, always look around for big vans with no windows :), I either don’t take my phone or it’s always on airplane mode until I want to disable it briefly before activating it again.
2 days ago [-]
yieldcrv 1 days ago [-]
prosecutors have never seen them because the DA has never brought a case against the agencies that use them
so it’s an accurate statement
the government isn’t one thing, it’s people that don’t work for all agencies
hluska 1 days ago [-]
The claim was that this was the first time that a device like this has been used in fraud but go ahead, misread things and become outraged. I’m sure that in this case the fraudsters properly forwarded all 911 calls so no harm, no foul hey?
panny 2 days ago [-]
A government backdoor was found and abused by criminals? No one could have predicted this! :)
QuantumNomad_ 2 days ago [-]
Isn’t it less of a government backdoor and more of a result of generally old and insecure protocols still being in use for telecom?
Like, the phones happily connect to these fake towers because the signal is strongest from that one and there is no authentication to verify who the tower belongs to, nor encryption of SMSes?
Affric 1 days ago [-]
Well said but by the time mobile phone towers were built we had been tapping phone lines for a long time. Hard to not think that to an extent default insecurity for telecoms was a choice.
sitharus 1 days ago [-]
When it was developed it was assumed that the cost of cellular equipment and, in some countries, the regulatory hurdles required to get authorisation to purchase radio transmitters that operate on licensed bands would make it almost impossible to do this.
I worked in a company that had a base station emulator in their testing lab in 2008. I can’t recall the cost but it was well over $10,000 and only worked with direct antenna coupling, it couldn’t broadcast.
Now we have software defined radios.
Nasrudith 1 days ago [-]
Do you honestly believe that teleco companies wouldn't receive government backlash about 'the children' if they were to implement an actually secure standard?
Jolter 2 days ago [-]
It’s not exactly a back door. It’s a fake radio cell, mimicking your network provider and acting like a man in the middle. In that sense, it’s like a stingray. The differences are
1. The Stingray eavesdrops, but avoids interfering with user traffic
2. The stingray is operated by law enforcement, not by fraudsters looking to steal your money
AngryData 2 days ago [-]
In mamy parts of the US, the cops are the fraudsters looking to steal your money. So it isn't that much of a difference.
Cider9986 1 days ago [-]
Ban civil asset forfeiture!
alister 1 days ago [-]
In Brazil, people get so much SMS spam and phone call spam that many people turn off notifications for all text messages and phone calls and use only Whatsapp (even for voice calls).
But once in a while my iPhone in Brazil will get spam as a unblockable "system message". I'm not sure if I'm using the correct term. I'm mean that it looks just like an Apple system notification and it disappears without a trace afterward, but the content is obviously spam.
I wonder how they are able to do this.
ninkendo 1 days ago [-]
I wonder if the cell carriers are seeing this as the existential threat it is, or if they’re just continuing with the whole “bury our heads in the sand” strategy.
If having a phone number has no benefit and only brings spam, and WiFi is ubiquitous in urban areas, a huge chunk of the population don’t really need cell plans any more. And the places without WiFi coverage (less dense areas) are the most expensive to provide service.
In the US at least, the FCC used to be pushing hard to combat the spam, like requiring authentication for caller ID, and it was the carriers that were dragging their feet and lobbying against it. So something tells me they just continue to view all the spam senders as an easy income source and don’t mind letting their whole business model die if it means short term profits.
bluGill 23 hours ago [-]
Most places with wifi around me don't offer great options. My local school blocks a lot (and I'm mostly there outside of school hours, they block more) - these are mostly places I wouldn't go anyway, but once in a while I hit something blocked. My office does the same - but they don't have public WiFi, an employee needs to get you a login (this is easy to do, but if you don't know someone who works in the building you can't connect at all). Most public wiki (including school above) also requires you accept a terms of use. Most devices won't automatically connect to any found open access point, so to use public WiFi I need to manually do everything.
That is I don't think people will use WiFi only, unless they are going to drop always reachable communication. (which given the SPAM OP mentioned maybe...)
pocksuppet 19 hours ago [-]
You still need a phone number to use apps like WhatsApp. The provider gets all of the same money, but without having to provide a service.
The nice thing on iOS at least is that they make it known it's a flash message. You'll get a full screen modal dialogue including a "Why did I get this message?" link that informs you about it and also informs you that sometimes they're used for scams.
Android just gives you a generic popup that says "Class 0 message" in my testing.
apt-apt-apt-apt 1 days ago [-]
In USA, I personally get 3-5 spam phone calls and voicemails daily. Mostly all the same, like "your $20K loan is almost ready".
One time, I picked up, and it was this seemingly incredibly rude person who sounded real but continue talking in a pushy manner without stopping despite what I said.
It's insane getting so many calls all the time like I owe them a bunch of money or something. Anyone else get this?
lxgr 1 days ago [-]
This matches my experience.
The US seems to have completely given up on protecting its public phone network against abuse, while at the same time relying on phone numbers as the primary identifying key and authentication method for humans in countless business processes.
It took years (if not decades) of regulatory neglect to get that bad; I doubt there’s an easy fix at this point. It’s really concerning.
ChrisMarshallNY 22 hours ago [-]
I suspect that the main reason is that politicians rely on the same mechanisms as robocallers and spammers, so they don't want to restrict it.
Sometimes, I get robocalls from local PACs, and they get automatically flagged as scams, because the dialer companies that the politicians use, are ones that also run outright scam campaigns, and get blacklisted.
lxgr 22 hours ago [-]
> they get automatically flagged as scams, because the dialer companies that the politicians use
If it were possible to reliably determine the source of a call in the US phone network, spam wouldn't be an issue!
Theoretically, STIR/SHAKEN should enable that; practically, there are too many gaps to enforce it (importantly, it does not travel across TDM, i.e. non-VoIP, paths), so spammers still get away with it.
tim333 1 days ago [-]
It's not a prefect system but I don't use a landline and set unknown incoming numbers to silent unless I'm actually expecting a call. Someone important trying to call can always leave a message but the spammers never have.
devilbunny 1 days ago [-]
> Someone important trying to call can always leave a message
Curiously, it seems to have become a cultural touchstone not to leave a voicemail. I have had to educate people about this. My service is with Verizon, and for what I assume are historical reasons the caller will hear rings on their end even if my phone isn't receiving the call (AT&T does not have this issue). If you don't leave a voicemail, I literally have no way of knowing that you called. Said voicemail can be as simple as "call me".
I'm a physician, and the hospital where I do most of my work has a policy against sending PHI over text (a very reasonable policy). So many nurses are reluctant to text me anything, even when it's just "please call Adam on 3 South".
lxgr 1 days ago [-]
If people need to stop notifications for incoming calls/messages, I'd call that dysfunctional, not just suboptimal.
And what's worse is that even if this were to be fixed now, the reputational damage is already done, since many people will probably never change their devices back to ringing again.
> Someone important trying to call can always leave a message but the spammers never have.
My US mailbox is full of spam calls.
goodcanadian 24 hours ago [-]
I haven't lived in the US for a long time so this may no longer be true, but when I did live there, putting my number on the do not call register actually helped a lot.
rationalist 20 hours ago [-]
Doesn't seem to work for me.
ChrisMarshallNY 22 hours ago [-]
That once worked.
Nowadays...not so much.
bluGill 23 hours ago [-]
Weird, I get spam about 6 times per year. I've been on the do not call registry for years. My provider also made a bunch of anti-spam changes a while ago (at least a year) which stopped nearly all the remaining spam. To me is seems like this problem is solved.
apt-apt-apt-apt 22 hours ago [-]
Hm, I'm on a 2nd-party, not 1st-party, carrier like ATT/T-Mobile, maybe my provider lacks this protection.
nomel 15 hours ago [-]
One of the scams is to use AI to clone your voice, then call a relative to ask for money [1].
I used to answer and mess with the callers, but no longer do.
I got 3 calls purportedly from hubspot in the last week, from 3 different caller ids. It wasn’t a robocall, the same voice. I just hung up the first two times and the third asked him to stop calling. Incredible. I only answered the calls because I was expecting a call from an unknown number.
compounding_it 1 days ago [-]
>use only Whatsapp
WhatsApp here in India has so much spam now. With ads, I am starting to think these spam are just ads sold by WhatsApp.
anilakar 1 days ago [-]
> that it looks just like an Apple system notification and it disappears without a trace afterward
Probably so-called SMS flash messages. They're shown as overlay popups on Android too.
ThePowerOfFuet 4 hours ago [-]
Those "system messages" are class zero SMS, also known as flash SMS.
ExpertAdvisor01 1 days ago [-]
Probably they use flash sms(class 0 messages)
SwtCyber 22 hours ago [-]
How many telecom features were designed in a more trusted era
ThePowerOfFuet 2 hours ago [-]
All of them.
dreamlayers 2 days ago [-]
How is this possible? Are phones willing to connect to any cell and blindly trust that text messages from there are genuine and really coming from the numbers they claim to be coming from? Isn't there some cryptographic verification?
mcpherrinm 2 days ago [-]
2g networks didn't have the phone verify the network, so yes they can do this.
At least as of today, most phones have an option to turn off 2g but that isn't a default.
OptionOfT 2 days ago [-]
The only way to truly disable 2g on an iPhone is to enable lock-down mode, which is a step too far for me.
xamuel 1 days ago [-]
Agree. I do a lot of travel and in 3rd-world countries it is quite common to get 2g spam, it's really unacceptable that Apple doesn't offer a way to turn off 2g short of lockdown mode.
lxgr 1 days ago [-]
Are you sure it's not sourced from the visited network? In that case, 3G or beyond wouldn't help you, as mutual authentication does not imply end-to-end authentication of all traffic between you and your home provider.
lostmsu 1 days ago [-]
At least Pixels have the setting to disable 2G, which is on by default.
akimbostrawman 1 days ago [-]
It's always amusing to me how apple tries to hide basic security features behind there super duper totally secure mode which nobody will enable because it destroys usability.
Meanwhile GrapheneOS in the default mode is as much or much more secure (and private duh) than there marketing mode with little to no usability decrease.
mayhemducks 23 hours ago [-]
I was curious about this so I looked around a bit. My interpretation is that GrapheneOS still has not cracked this nut. Neither has iPhone, unless you enable "Lockdown Mode"
5G-SA only is a separate issue which currently neither devices support.
OGWhales 22 hours ago [-]
Yeah, they really go all or nothing with the lock down mode. There are a lot of things from it I’d like to enable but not everything.
opengrass 2 days ago [-]
Plausible. Only Rogers still has working 2G.
mcpherrinm 2 days ago [-]
It doesn't matter what the network is doing; the phone needs to disable 2g. There's various ways to get the phone to downgrade to 2g otherwise, eg https://montsecure.com/files/2021_downgrade.pdf
And if you have a modern enough SIM+phone combo, it won’t even display the 2g network as an available network, nor 3G on my device.
I wonder if this mostly hit international SIMs, since they wouldn’t be running the same level of SIM code to prefer various network locks like a local SIM.
Helps you stay under the radar and gov services over SMS is a lot more advanced outside of Canada if you want to do some fraud.
gruez 2 days ago [-]
>And if you have a modern enough SIM+phone combo, it won’t even display the 2g network as an available network, nor 3G on my device.
Source? It might just be that your carrier retired its 2g/3g network, not that the phone/sim refuses 2g/3g connections. If some cell tower popped up claiming to 2g/3g, your phone still might happily connect.
Scoundreller 1 days ago [-]
source = Rogers SIM in me phone
my Telus/Bell SIM shows the 3G network tho
lxgr 1 days ago [-]
Unfortunately, I think there's no way for a SIM card to indicate to the phone that it would like it to please never connect to any 2G (or any non-mutually-authenticated) network.
Absent that, maybe this happens via a carrier profile (or equivalent mechanism)?
Scoundreller 22 hours ago [-]
Ah, so the attack might depend on whether your phone is set to allow roaming or not. Maybe.
But I only have an option for data roaming on/off, not roaming entirely.
lxgr 22 hours ago [-]
I don't think that matters, since the phone has no way of knowing from the SIM card alone whether it should still connect to 2G networks or not.
It sounds like a good idea to at least restrict 2G connections to non-roaming scenarios, but then you have the next practical problem: How does your baseband know that you're abroad?
Sure, all solvable at the application layer (the phone could use location heuristics to figure out where it is etc.), but not trivial and full of edge cases that could easily result in your phone mysteriously not connecting while abroad or, worse, not being able to make an emergency call or similar.
Scoundreller 19 hours ago [-]
I also kinda figure there’s some magic running to “stick” to your home network where available/visible because of international border areas and people historically getting regularly upset about being roaming charges despite never leaving their home country.
lxgr 19 hours ago [-]
SIMs can define both their home network (both implicitly since the IMSI starts with MCC/MNC of the issuer/home network, and explicitly in the form of a list of "equivalent networks", which is useful for MVNOs with their own MNC that don't want the "roaming" icon to show up) and a ranked list of preferred roaming networks. The phone should usually define those.
Of course, in some situations you might only get signal from across the border, and then none of these mechanisms can help.
Scoundreller 17 hours ago [-]
I’d add in some high buildings in Toronto, if I did a network scan with a foreign SIM, I could see some US networks from over the lake, but with a Rogers SIM, they would not be visible in the scan.
stephen_g 1 days ago [-]
That's incredible, here in Australia they not only shut down all 2G networks almost a decade ago, but they've already shut down 3G as well!
Although now looking at Wikipedia there are a lot more 2G networks sticking around than I realised, still hard for me to believe given what's happened here!
wil421 1 days ago [-]
You do realize it’s a fake 2g/3g network and most phones don’t care. They will happily connect to whatever they support.
stephen_g 6 hours ago [-]
Of course I realise that, but that’s irrelevant to my point.
The point was that I’m surprised how many real 2G networks there still are, and that one still exists in Canada at all.
lxgr 1 days ago [-]
Only if they’re not already connected to a better network, no?
voxic11 20 hours ago [-]
Funny enough its the tower that tells the cellphone modem which network is "better" and it does this in an unencrypted cell reselection message. So it is easy to force a phone to select 2G.
Huh, I was going to say that this can't possibly be the case for the newer standards, but it seems like it really is the case even in 4G/LTE...
Hopefully devices at least ignore it when 2G is deactivated entirely, for those where that's possible.
llm_nerd 2 days ago [-]
Which is interesting in that they very publicly shut down the 3G network last year.
Scoundreller 16 hours ago [-]
Probably some IoT/M2M contracts. Telus/Bell has really cut down on the spectrum allotted to their 3G that’s still up, and I doubt much is still assigned on Rogers’ 2G side.
capitalhilbilly 2 days ago [-]
The original standards weren't expecting anyone but carriers to send messages and ramping up security has been a slow process, so downgrade attacks probably work nicely.
1 days ago [-]
SwtCyber 21 hours ago [-]
SMS is old infrastructure and the sender identity in an SMS is not like a signed email domain or an end-to-end verified chat identity. A lot of trust sits in the carrier network and interconnects
opengrass 2 days ago [-]
Guessing the spammer doesn't want to overload towers or be foxed within the same 3 so they're driving. Maybe the hats(?) shut off on rotation... or eSIM?
kotaKat 2 days ago [-]
Well, based on what I'm gleaning from https://www.smsbroadcaster.com/ (yes, they sell these brazenly in the open), I suspect they're doing some SDR shenanigans to bring up fake cell networks and leverage Cell Broadcast instead of just SMS.
They are also interfering with connections and attempting downgrade attacks to do 2G SMS messages as well (and is likely where Canadian carriers were picking up the 'millions' of attacks against its network and failed authentication attempts).
Amusingly this was all also caught because of Telus reviewing those SMS messages that were reported as spam from people on iOS/Android and realizing that the messages weren't being terminated inside the cell network at all when they tried tracing them out and suspected that this was the case.
1 days ago [-]
1 days ago [-]
ndisn 1 days ago [-]
>Dafeng Lin, 27, of Hamilton, Junmin Shi, 25, of Markham, and Weitong Hu, 21, of Markham
Why would someone use one of these instead of good old fashioned SMS / iMessage / email spam?
mcpherrinm 2 days ago [-]
There's zero spam filtering interfering this way, and you can target your messages very precisely.
tonyarkles 2 days ago [-]
And zero record of it ever happening as far as the carrier's concerned.
sofixa 1 days ago [-]
Idk about zero, my Android device has SMS spam filtering, putting them in a separate inbox, hiding the notification, and with big red warnings if I indeed open them.
pocksuppet 19 hours ago [-]
Can't be blocked by the provider, doesn't require a subscription with a provider, can falsify the sender, can send to everyone in range instead of guessing numbers.
yard2010 1 days ago [-]
Rest assured the state behind this attack does it as well. Why not both?
numpad0 15 hours ago [-]
The conspiracy explanation would be that the primary purpose is IMEI/IMSI data collection and/or wireless bug planting, and scamming is secondary purpose and/or deep sampling operation. Though, this is just my hallucination.
numpad0 1 days ago [-]
Oh so it's happening in Canada too? I've seen it reported on media in another place few months back.
Someone's shipping a standardized kit of Stingray with battery and PSU to be installed in the back of German station wagons. The kits are suspected to be spamming phishing texts, at least some in Chinese. The cars are driven as unregistered taxis paid for on Chinese platforms, avoiding taxes while also justifying its driving routes and expenses that involve tourist destinations.
It's not clear to me if this Chinese authority/PLA doing or if it's another one of those southern Chinese warlord thing, both sounds plausible.
Does not seem related to Chinese nationals here, but standard scam SMS
xiconfjs 1 days ago [-]
Do you have any source for this? It‘s not about trust in your information but do get deeper into this topic.
numpad0 15 hours ago [-]
I was misremembering a bit, it was about exactly one year ago. No English sources for the case I saw that I'm aware of.
A rather interesting and Tom Clancy part of this whatever op is that, someone did a bit of digging and discovered that all instances of this across regions and nations use the exact same model of that black air circulator fan that aren't exactly sold everywhere. So as janky as they look, it's clearly a disciplined military style operation by some organized group than just local gangs buying parts and improvising as they go.
Makes me wonder whether phones should expose more information when they attach to a suspicious or downgraded cell tower
awei 1 days ago [-]
would encrypting sms and using some kind of authorized certificate authorities, maybe the ones from the country's phone carriers, alleviate this issue?
lxgr 1 days ago [-]
3G and beyond use mutual authentication between your phone and home network, so this only works while phones still happily connect to 2G (GSM) networks if nothing better is around (or is getting jammed at the same time).
SadErn 1 days ago [-]
[dead]
AirMax98 2 days ago [-]
[flagged]
bawolff 2 days ago [-]
This reads like a pretty standard sentence to me. Especially in the context of a police press release trying to explain tech to the public.
I think at some point people see AI everywhere because they look for it everywhere.
stephen_g 1 days ago [-]
Yeah, I mean if you think about why do LLMs use this kind of phrasing so much, it's just because it was already a common sentence construction in the training data written by humans!
dumpsterdiver 1 days ago [-]
Are you trying to make a point that we should remain open to the possibility that humans can express themselves eloquently?
tamimio 1 days ago [-]
It’s there to prevent “public panic” ie they weren’t after you specifically or after xyz group, but just random mass attacks, or to prevent more cases and parties to be involved
fragmede 2 days ago [-]
I mean, you used an emdash. Are you an LLM?
caymanjim 2 days ago [-]
LLM would have used it properly and omitted the spaces.
cnst 1 days ago [-]
These things just prove that the entire "security" industry is a sham.
At one point, every bank would ensure that your password COULD NOT be saved by your browser, because sEcUrItY.
Which is precisely the scenario where typing your password into a site like this is possible.
topspin 2 days ago [-]
Charges? Cool. In the US we find huge SIM farms in major cities[1], law enforcement shrugs, and everyone forgets about it.
SIM farm is a different scenario and arguably not even illegal. This story is about scammers operating a DIY stingray that broadcasts phishing messages via SMS to nearby devices.
nerdsniper 2 days ago [-]
SIM farms / phone farms aren't inherently illegal. Some are used pro-socially, for example to enumerate hosts in malicious IoT botnets.
nightpool 2 days ago [-]
"Law enforcement shrugs"? The whole focus of the article is about how the secret service confiscated those devices and charged the SIM farm operators with crimes. Which part of that is shrugging?
htk 2 days ago [-]
The article is about Canada.
pnw_throwaway 2 days ago [-]
[flagged]
tamimio 1 days ago [-]
SIM farms are devices with a lot of SIM cards aka numbers used to scam/flood victims numbers after these were acquired through ad companies, purchased these numbers online, etc.
The OP ones are actively scanning the vicinity and acting like BTS to connect to phones automatically, equipped with radio antennas, SDR, etc. to gather the victims numbers in real time and send them spam/phishing while the phones are connected to to these BTS
The real story is the government didn’t really care about users being spammed, you get those all the times and there’s little regulation to protect you (like preventing corporate from selling your number etc.), they cared because with these devices people can and will communicate outside of the approved channels, that also might be encrypted too, so harsh charges and make it as public as possible to deter others from doing the same, even if they were not in it to scam or phish people, and notice on the emphasis on “blocking the 911 calls!!” so jamming charges are there too.
walrus01 2 days ago [-]
People I know in US telecom are not surprised by these SIM farms. These people are either:
a) Doing some weird grey market VoIP thing. 32-in-1 GSM to SIP gateways have been a thing for a very long time in the developing world. Maybe they think they found some arbitrage route for phone traffic to/from the US PSTN that they can profit from. Anyone who interacts with grey market voip stuff will recognize these things immediately.
b) Using them for something like receiving 2FA authentication codes to create bot/socketpuppet social media accounts. In this sort of scenario they'd have live phone numbers/service and the cheapest possible phone plan, and ability to receive incoming SMS. The accounts then get provided to some other group of people who are doing mass advertising/social media manipulation.
zarzavat 1 days ago [-]
Regarding B, why would you create your sock puppets in the US instead of in some developing country where everything is a lot cheaper?
If they are using it for 2FA it's likely for some US-only service.
walrus01 1 days ago [-]
"Authentic" US domestic resident sockpuppets for political or social manipulation. Combined with things like using residential proxies/relays through traffic on compromised routers on top-10 sized US last mile broadband providers such as Comcast, RCN. Google "residential proxies for sale" for some examples.
Plenty of things like the various services run by Meta will treat your content differently if they know you're coming from a Bangladesh phone number and ISP vs. being what appears to be an authentic domestic USA human.
Having live US phone numbers that can receive SMS for "is a live human receiving this code" verification purposes is also useful for many other kinds directly fraudulent activities.
toast0 2 days ago [-]
c) grey route outbound sms. Even cheap US plans tend to have 'unlimited' sms, sometimes even to selected foreign destinations. Sometimes carrier billed SMS is cheaper than aggregators (but not too often) or may have better routing to difficult destinations.
walrus01 2 days ago [-]
Yes, I can definitely see that being plausible, particularly if they've gone to the efforts to make software tooling to spread out the outbound SMS volume around many different SIM and self-rate limit their volume, to avoid getting cut off, rate limited, or account banned.
kotaKat 2 days ago [-]
To point A: I remember a long while ago making a 'free VoIP' call and my call routed into a MetroPCS recording telling me my service was suspended for nonpayment. Hung up, redialed, number shot through another dodgy route.
Good times!
Joel_Mckay 2 days ago [-]
Not really, the FCC regularly drops >$300k fines on people not creative enough to figure out a revenue model that doesn't irritate everybody. =3
Rendered at 12:31:15 GMT+0000 (Coordinated Universal Time) with Vercel.
Did they graciously forward emergency calls and text messages to the real phone network?
https://www.mcsweeneys.net/articles/an-interactive-guide-to-...
(A long-ish read, but totally worth it. the "punch line" is beautiful.)
This loses all believability, given the fact that i can reliably go out of town to a different area code and immediately start getting phishing/scam/robo calls/texts from numbers of said area code. Granted, i am U.S.'ian.
so it’s an accurate statement
the government isn’t one thing, it’s people that don’t work for all agencies
Like, the phones happily connect to these fake towers because the signal is strongest from that one and there is no authentication to verify who the tower belongs to, nor encryption of SMSes?
I worked in a company that had a base station emulator in their testing lab in 2008. I can’t recall the cost but it was well over $10,000 and only worked with direct antenna coupling, it couldn’t broadcast.
Now we have software defined radios.
1. The Stingray eavesdrops, but avoids interfering with user traffic
2. The stingray is operated by law enforcement, not by fraudsters looking to steal your money
But once in a while my iPhone in Brazil will get spam as a unblockable "system message". I'm not sure if I'm using the correct term. I'm mean that it looks just like an Apple system notification and it disappears without a trace afterward, but the content is obviously spam.
I wonder how they are able to do this.
If having a phone number has no benefit and only brings spam, and WiFi is ubiquitous in urban areas, a huge chunk of the population don’t really need cell plans any more. And the places without WiFi coverage (less dense areas) are the most expensive to provide service.
In the US at least, the FCC used to be pushing hard to combat the spam, like requiring authentication for caller ID, and it was the carriers that were dragging their feet and lobbying against it. So something tells me they just continue to view all the spam senders as an easy income source and don’t mind letting their whole business model die if it means short term profits.
That is I don't think people will use WiFi only, unless they are going to drop always reachable communication. (which given the SPAM OP mentioned maybe...)
This is a "flash SMS" message: https://nickvsnetworking.com/flash-sms-messages/
https://i.imgur.com/lrSrm0n.jpeg
Android just gives you a generic popup that says "Class 0 message" in my testing.
One time, I picked up, and it was this seemingly incredibly rude person who sounded real but continue talking in a pushy manner without stopping despite what I said.
It's insane getting so many calls all the time like I owe them a bunch of money or something. Anyone else get this?
The US seems to have completely given up on protecting its public phone network against abuse, while at the same time relying on phone numbers as the primary identifying key and authentication method for humans in countless business processes.
It took years (if not decades) of regulatory neglect to get that bad; I doubt there’s an easy fix at this point. It’s really concerning.
Sometimes, I get robocalls from local PACs, and they get automatically flagged as scams, because the dialer companies that the politicians use, are ones that also run outright scam campaigns, and get blacklisted.
If it were possible to reliably determine the source of a call in the US phone network, spam wouldn't be an issue!
Theoretically, STIR/SHAKEN should enable that; practically, there are too many gaps to enforce it (importantly, it does not travel across TDM, i.e. non-VoIP, paths), so spammers still get away with it.
Curiously, it seems to have become a cultural touchstone not to leave a voicemail. I have had to educate people about this. My service is with Verizon, and for what I assume are historical reasons the caller will hear rings on their end even if my phone isn't receiving the call (AT&T does not have this issue). If you don't leave a voicemail, I literally have no way of knowing that you called. Said voicemail can be as simple as "call me".
I'm a physician, and the hospital where I do most of my work has a policy against sending PHI over text (a very reasonable policy). So many nurses are reluctant to text me anything, even when it's just "please call Adam on 3 South".
And what's worse is that even if this were to be fixed now, the reputational damage is already done, since many people will probably never change their devices back to ringing again.
> Someone important trying to call can always leave a message but the spammers never have.
My US mailbox is full of spam calls.
Nowadays...not so much.
I used to answer and mess with the callers, but no longer do.
[1] https://www.mcafee.com/ai/news/ai-voice-scam/
WhatsApp here in India has so much spam now. With ads, I am starting to think these spam are just ads sold by WhatsApp.
Probably so-called SMS flash messages. They're shown as overlay popups on Android too.
At least as of today, most phones have an option to turn off 2g but that isn't a default.
Meanwhile GrapheneOS in the default mode is as much or much more secure (and private duh) than there marketing mode with little to no usability decrease.
https://github.com/GrapheneOS/os-issue-tracker/issues/3952 https://github.com/GrapheneOS/os-issue-tracker/issues/6076
https://github.com/GrapheneOS/platform_packages_apps_Setting...
5G-SA only is a separate issue which currently neither devices support.
Android has it as a toggle: https://source.android.com/docs/security/features/cellular-s...
iPhone disables it for phones in lockdown mode.
I wonder if this mostly hit international SIMs, since they wouldn’t be running the same level of SIM code to prefer various network locks like a local SIM.
Helps you stay under the radar and gov services over SMS is a lot more advanced outside of Canada if you want to do some fraud.
Source? It might just be that your carrier retired its 2g/3g network, not that the phone/sim refuses 2g/3g connections. If some cell tower popped up claiming to 2g/3g, your phone still might happily connect.
my Telus/Bell SIM shows the 3G network tho
Absent that, maybe this happens via a carrier profile (or equivalent mechanism)?
But I only have an option for data roaming on/off, not roaming entirely.
It sounds like a good idea to at least restrict 2G connections to non-roaming scenarios, but then you have the next practical problem: How does your baseband know that you're abroad?
Sure, all solvable at the application layer (the phone could use location heuristics to figure out where it is etc.), but not trivial and full of edge cases that could easily result in your phone mysteriously not connecting while abroad or, worse, not being able to make an emergency call or similar.
Of course, in some situations you might only get signal from across the border, and then none of these mechanisms can help.
Although now looking at Wikipedia there are a lot more 2G networks sticking around than I realised, still hard for me to believe given what's happened here!
The point was that I’m surprised how many real 2G networks there still are, and that one still exists in Canada at all.
https://efforg.github.io/rayhunter/heuristics.html#lte-sib67...
Hopefully devices at least ignore it when 2G is deactivated entirely, for those where that's possible.
https://en.wikipedia.org/wiki/Cell_Broadcast
They are also interfering with connections and attempting downgrade attacks to do 2G SMS messages as well (and is likely where Canadian carriers were picking up the 'millions' of attacks against its network and failed authentication attempts).
Amusingly this was all also caught because of Telus reviewing those SMS messages that were reported as spam from people on iOS/Android and realizing that the messages weren't being terminated inside the cell network at all when they tried tracing them out and suspected that this was the case.
https://www.tps.ca/media-centre/news-releases/arrests-made-i...
Someone's shipping a standardized kit of Stingray with battery and PSU to be installed in the back of German station wagons. The kits are suspected to be spamming phishing texts, at least some in Chinese. The cars are driven as unregistered taxis paid for on Chinese platforms, avoiding taxes while also justifying its driving routes and expenses that involve tourist destinations.
It's not clear to me if this Chinese authority/PLA doing or if it's another one of those southern Chinese warlord thing, both sounds plausible.
There too, the person arrested was a Chinese citizen.
Does not seem related to Chinese nationals here, but standard scam SMS
A rather interesting and Tom Clancy part of this whatever op is that, someone did a bit of digging and discovered that all instances of this across regions and nations use the exact same model of that black air circulator fan that aren't exactly sold everywhere. So as janky as they look, it's clearly a disciplined military style operation by some organized group than just local gangs buying parts and improvising as they go.
1: https://www.itmedia.co.jp/news/articles/2504/15/news133.html
I think at some point people see AI everywhere because they look for it everywhere.
At one point, every bank would ensure that your password COULD NOT be saved by your browser, because sEcUrItY.
Which is precisely the scenario where typing your password into a site like this is possible.
[1] https://www.pbs.org/newshour/nation/how-sim-farms-like-the-o...
The OP ones are actively scanning the vicinity and acting like BTS to connect to phones automatically, equipped with radio antennas, SDR, etc. to gather the victims numbers in real time and send them spam/phishing while the phones are connected to to these BTS
The real story is the government didn’t really care about users being spammed, you get those all the times and there’s little regulation to protect you (like preventing corporate from selling your number etc.), they cared because with these devices people can and will communicate outside of the approved channels, that also might be encrypted too, so harsh charges and make it as public as possible to deter others from doing the same, even if they were not in it to scam or phish people, and notice on the emphasis on “blocking the 911 calls!!” so jamming charges are there too.
a) Doing some weird grey market VoIP thing. 32-in-1 GSM to SIP gateways have been a thing for a very long time in the developing world. Maybe they think they found some arbitrage route for phone traffic to/from the US PSTN that they can profit from. Anyone who interacts with grey market voip stuff will recognize these things immediately.
b) Using them for something like receiving 2FA authentication codes to create bot/socketpuppet social media accounts. In this sort of scenario they'd have live phone numbers/service and the cheapest possible phone plan, and ability to receive incoming SMS. The accounts then get provided to some other group of people who are doing mass advertising/social media manipulation.
If they are using it for 2FA it's likely for some US-only service.
Plenty of things like the various services run by Meta will treat your content differently if they know you're coming from a Bangladesh phone number and ISP vs. being what appears to be an authentic domestic USA human.
Having live US phone numbers that can receive SMS for "is a live human receiving this code" verification purposes is also useful for many other kinds directly fraudulent activities.
Good times!