London Tube Passengers Targeted With Scam Texts Sent by Suitcase ‘SMS Blasters’

Authorities in the United Kingdom have uncovered a sophisticated fraud scheme in which criminals targeted passengers on the London Underground using portable devices hidden inside suitcases to send scam text messages directly to commuters’ phones.

Investigators revealed that the devices, known as “SMS blasters,” acted as fake mobile network towers capable of transmitting mass fraudulent messages to nearby phones without needing victims’ phone numbers.

The operation represents a new form of “smishing” (SMS phishing) designed to steal personal and financial information from unsuspecting travelers.

Suitcase Devices Used in Busy Underground Stations

According to investigators, members of the fraud network carried SMS-blasting equipment concealed inside large suitcases and placed them at crowded locations across the London Underground system.

The devices mimicked legitimate mobile network towers. Once nearby smartphones automatically connected to the fake network signal, the system broadcast scam messages to hundreds of passengers in the area.

Many of the messages impersonated delivery companies such as Royal Mail or Evri, claiming that a parcel delivery had failed and prompting recipients to click a link to resolve the issue.

Passengers who clicked the link were redirected to fraudulent websites designed to collect personal information, including names, addresses, and banking details.

Organised Crime Group Behind the Operation

Authorities identified an organised gang responsible for orchestrating the scam.

The operation was allegedly led by Zhijia Fan, who coordinated the activities with accomplices including Daoyan Shang and Wan Mohd Hafiz.

Investigators said the suspects moved the suitcases containing the SMS-blasting devices through busy Tube stations and platforms in order to maximise the number of potential victims.

Prosecutors stated in court that the group’s intention was to collect sensitive data and ultimately access victims’ bank accounts.

During searches of the suspects’ premises, authorities discovered equipment used to assemble the devices, including antennas and power supply units.

Scam Discovered by Off-Duty Police Officer

The operation began to unravel when an off-duty British Transport Police detective noticed a suspicious suitcase at a London Underground station.

The suitcase reportedly had ventilation holes and flashing lights, which raised concerns.

After the officer alerted colleagues, police seized the suitcase and discovered the hidden SMS-blaster device inside.

Further investigation revealed additional devices being deployed across the underground transport network.

Arrests and Prison Sentences

Following the investigation, several individuals involved in the scheme were arrested and prosecuted.

• Zhijia Fan was sentenced to four years and eight months in prison

• Daoyan Shang received two years and ten months

• Wan Mohd Hafiz was sentenced to one year and two months

• Gatis Lauks, another accomplice, received a two-year suspended sentence

Authorities also confiscated more than 10,000 gift cards worth over £80,000, believed to be linked to proceeds from the fraud operation.

Growing Threat of Smishing Attacks

Cybersecurity experts warn that SMS-blasting technology is an emerging threat because it allows criminals to send scam messages without knowing victims’ phone numbers.

Unlike traditional phishing campaigns that rely on databases of phone numbers, SMS blasters operate like temporary cell towers, forcing nearby phones to connect automatically.

This method allows fraudsters to bypass telecom spam filters and target large crowds in locations such as transport hubs, airports and shopping centres.

Authorities Urge Public Vigilance

Law enforcement agencies are now working with telecom providers and cybersecurity specialists to detect similar devices and prevent future attacks.

Officials have urged commuters to remain cautious when receiving text messages that include links requesting personal or financial information.

Experts recommend verifying delivery notifications directly through official websites and avoiding clicking suspicious links sent via SMS.

Organizations dealing with financial data and digital transactions often rely on structured financial monitoring and professional auditing services in India to strengthen security controls and detect suspicious financial activities.

Investigation Continues

Authorities say the case highlights how criminals are increasingly using portable technology and social engineering tactics to target large groups of people in public spaces.

Law enforcement agencies continue to monitor similar cybercrime methods and are working to improve detection systems for unauthorized mobile signal devices.