This was hugely overblown in the media... While the device operates like a stingray, they were using it to spam and phish. The whole claim of "we've never seen this type of device before in Canada" is a lie, because the government and law enforcement both use them. I guess it's okay if they do it, but nobody else can...
The claim was that this was the first time that a device like this has been used in fraud but go ahead, misread things and become outraged. I’m sure that in this case the fraudsters properly forwarded all 911 calls so no harm, no foul hey?
How is this possible? Are phones willing to connect to any cell and blindly trust that text messages from there are genuine and really coming from the numbers they claim to be coming from? Isn't there some cryptographic verification?
SMS is old infrastructure and the sender identity in an SMS is not like a signed email domain or an end-to-end verified chat identity. A lot of trust sits in the carrier network and interconnects
Can't be blocked by the provider, doesn't require a subscription with a provider, can falsify the sender, can send to everyone in range instead of guessing numbers.
The conspiracy explanation would be that the primary purpose is IMEI/IMSI data collection and/or wireless bug planting, and scamming is secondary purpose and/or deep sampling operation. Though, this is just my hallucination.
Oh so it's happening in Canada too? I've seen it reported on media in another place few months back.
Someone's shipping a standardized kit of Stingray with battery and PSU to be installed in the back of German station wagons. The kits are suspected to be spamming phishing texts, at least some in Chinese. The cars are driven as unregistered taxis paid for on Chinese platforms, avoiding taxes while also justifying its driving routes and expenses that involve tourist destinations.
It's not clear to me if this Chinese authority/PLA doing or if it's another one of those southern Chinese warlord thing, both sounds plausible.
I was misremembering a bit, it was about exactly one year ago. No English sources for the case I saw that I'm aware of.
A rather interesting and Tom Clancy part of this whatever op is that, someone did a bit of digging and discovered that all instances of this across regions and nations use the exact same model of that black air circulator fan that aren't exactly sold everywhere. So as janky as they look, it's clearly a disciplined military style operation by some organized group than just local gangs buying parts and improvising as they go.
In Brazil, people get so much SMS spam and phone call spam that many people turn off notifications for all text messages and phone calls and use only Whatsapp (even for voice calls).
But once in a while my iPhone in Brazil will get spam as a unblockable "system message". I'm not sure if I'm using the correct term. I'm mean that it looks just like an Apple system notification and it disappears without a trace afterward, but the content is obviously spam.
In USA, I personally get 3-5 spam phone calls and voicemails daily. Mostly all the same, like "your $20K loan is almost ready".
One time, I picked up, and it was this seemingly incredibly rude person who sounded real but continue talking in a pushy manner without stopping despite what I said.
It's insane getting so many calls all the time like I owe them a bunch of money or something. Anyone else get this?
I wonder if the cell carriers are seeing this as the existential threat it is, or if they’re just continuing with the whole “bury our heads in the sand” strategy.
If having a phone number has no benefit and only brings spam, and WiFi is ubiquitous in urban areas, a huge chunk of the population don’t really need cell plans any more. And the places without WiFi coverage (less dense areas) are the most expensive to provide service.
In the US at least, the FCC used to be pushing hard to combat the spam, like requiring authentication for caller ID, and it was the carriers that were dragging their feet and lobbying against it. So something tells me they just continue to view all the spam senders as an easy income source and don’t mind letting their whole business model die if it means short term profits.
would encrypting sms and using some kind of authorized certificate authorities, maybe the ones from the country's phone carriers, alleviate this issue?
33 comments
[ 1.9 ms ] story [ 59.6 ms ] threadso it’s an accurate statement
the government isn’t one thing, it’s people that don’t work for all agencies
[1] https://www.pbs.org/newshour/nation/how-sim-farms-like-the-o...
At one point, every bank would ensure that your password COULD NOT be saved by your browser, because sEcUrItY.
Which is precisely the scenario where typing your password into a site like this is possible.
Someone's shipping a standardized kit of Stingray with battery and PSU to be installed in the back of German station wagons. The kits are suspected to be spamming phishing texts, at least some in Chinese. The cars are driven as unregistered taxis paid for on Chinese platforms, avoiding taxes while also justifying its driving routes and expenses that involve tourist destinations.
It's not clear to me if this Chinese authority/PLA doing or if it's another one of those southern Chinese warlord thing, both sounds plausible.
A rather interesting and Tom Clancy part of this whatever op is that, someone did a bit of digging and discovered that all instances of this across regions and nations use the exact same model of that black air circulator fan that aren't exactly sold everywhere. So as janky as they look, it's clearly a disciplined military style operation by some organized group than just local gangs buying parts and improvising as they go.
1: https://www.itmedia.co.jp/news/articles/2504/15/news133.html
There too, the person arrested was a Chinese citizen.
Does not seem related to Chinese nationals here, but standard scam SMS
But once in a while my iPhone in Brazil will get spam as a unblockable "system message". I'm not sure if I'm using the correct term. I'm mean that it looks just like an Apple system notification and it disappears without a trace afterward, but the content is obviously spam.
I wonder how they are able to do this.
Probably so-called SMS flash messages. They're shown as overlay popups on Android too.
This is a "flash SMS" message: https://nickvsnetworking.com/flash-sms-messages/
One time, I picked up, and it was this seemingly incredibly rude person who sounded real but continue talking in a pushy manner without stopping despite what I said.
It's insane getting so many calls all the time like I owe them a bunch of money or something. Anyone else get this?
I used to answer and mess with the callers, but no longer do.
[1] https://www.mcafee.com/ai/news/ai-voice-scam/
If having a phone number has no benefit and only brings spam, and WiFi is ubiquitous in urban areas, a huge chunk of the population don’t really need cell plans any more. And the places without WiFi coverage (less dense areas) are the most expensive to provide service.
In the US at least, the FCC used to be pushing hard to combat the spam, like requiring authentication for caller ID, and it was the carriers that were dragging their feet and lobbying against it. So something tells me they just continue to view all the spam senders as an easy income source and don’t mind letting their whole business model die if it means short term profits.