Authorities in the United Kingdom have uncovered a sophisticated mobile phishing scheme in which fraudsters targeted commuters on the London Underground using devices known as SMS blasters hidden inside suitcases.
Investigators say the criminals carried the devices through busy stations and train platforms, allowing them to send large volumes of fraudulent text messages to nearby mobile phones. The operation was designed to reach passengers traveling on the London Tube during peak hours.
The devices functioned by mimicking legitimate mobile network signals. When smartphones in the surrounding area connected to the signal, the system automatically delivered scam text messages directly to the devices.
According to investigators, the messages typically claimed to be from well-known parcel delivery services and informed recipients that a package delivery had failed. The texts included links directing victims to fake websites where they were asked to enter personal and banking information.
Authorities believe the goal of the operation was to steal financial details and gain unauthorized access to victims’ bank accounts. Security experts describe the technique as a form of “smishing”, a phishing attack carried out through SMS messages.
Law-enforcement officials later seized multiple SMS-blaster devices concealed in suitcases as part of the investigation. Officers also recovered thousands of gift cards and significant amounts of cash believed to be connected to the fraud network.
The investigation was led by British Transport Police, which confirmed that several individuals involved in the scheme have been arrested and convicted in connection with the scam.
Authorities say the case highlights the increasing use of advanced technology by cybercriminals to target people in crowded public locations. Security experts warn that passengers should remain cautious when receiving unexpected text messages asking for personal or financial information.
Users are advised to avoid clicking on suspicious links in SMS messages and to verify delivery notifications directly through official company websites or apps.