Police arrest SMS blaster crew that sent malicious messages to thousands across Toronto

In a landmark case for Canadian cybersecurity, Toronto police have arrested three men and filed 44 charges for allegedly operating an SMS blaster crew arrested in the heart of the city. This marks the first known instance of such a device being used in Canada, according to authorities. The operation, which began in November 2025, targeted tens of thousands of devices with spammy text messages over several months.

The scheme relied on an SMS blaster—a device that spoofs cell towers and broadcasts a stronger signal to trick nearby phones and tablets into connecting. Once linked, the blaster can send thousands of texts containing links to phishing sites that mimic legitimate login pages. The goal, said Detective Sergeant Lindsay Riddell of the Toronto Police Service, was to steal usernames and passwords, including banking credentials. Beyond theft, these devices disrupt cellular communications and can interfere with 911 emergency services, posing a serious public safety risk.

How the SMS blaster operation worked

The Toronto police revealed that the SMS blaster was “uniquely built” and operated from the back of a vehicle, allowing the crew to move across multiple locations. This mobile setup made detection harder, as the device could be deployed in crowded downtown areas without raising immediate suspicion. The blaster exploited weaknesses in older 2G cellular networks, which lack modern encryption and authentication protocols. This vulnerability is well-known among cybercriminals, but this case highlights its real-world impact in a major urban center.

Authorities declined to share a photo of the specific device found in Toronto, citing safety reasons, but released an image of a similar blaster from a UK investigation. The tactic mirrors a 2024 case in Thailand, where gang members operated an SMS blaster from a truck in Bangkok, blasting nearly a million messages in just three days. These global incidents underscore the growing threat of portable phishing tools.

Protecting yourself from SMS blaster attacks

Users can block attempts by SMS blasters by switching off their phone’s 2G cellular connectivity. For Apple device owners, enabling Lockdown Mode automatically disables 2G radios, adding a layer of protection. Android users can often find 2G toggle options in their network settings, though availability varies by manufacturer and carrier. Learn how to disable 2G on your phone to stay safe from similar threats.

This arrest is a wake-up call for mobile users and telecom regulators alike. As SMS blasters become more sophisticated, staying vigilant against unsolicited texts is crucial. Never click on links in messages from unknown senders, and always verify the authenticity of login pages by typing URLs directly into your browser. Explore more phishing prevention tips to safeguard your data.

What this means for Canadian cybersecurity

Toronto police have set a precedent by cracking down on this SMS blaster crew arrested in Canada. However, the case raises questions about how prepared telecom networks are to detect and block such devices. Older 2G infrastructure remains a weak link, and while carriers have phased out 2G in some regions, it still operates in many areas for legacy devices and emergency services. Read about Canada’s 2G network phase-out plans to understand the broader context.

Building on this, the arrest serves as a reminder that cybercriminals are quick to exploit outdated technology. For consumers, the best defense is a proactive approach: update your phone’s software regularly, use strong passwords, and enable two-factor authentication wherever possible. As Detective Sergeant Riddell emphasized during the press conference, the scheme aimed to steal banking credentials, making financial vigilance equally important.

In the end, this case is not just about three men in Toronto—it’s about a global trend that requires coordinated action from law enforcement, telecoms, and users. The SMS blaster crew arrested may be off the streets, but the technology they used remains a threat. Stay informed, stay cautious, and always think twice before clicking that unexpected text message link.