A sophisticated fraud operation targeting passengers on the London Underground used homemade devices known as “SMS blasters” hidden inside suitcases to send scam messages directly to commuters’ mobile phones.
Authorities revealed that the devices acted as fake mobile network towers, tricking nearby phones into connecting to them and allowing fraudsters to send mass text messages containing links to fraudulent websites.
The scam, described as a form of “smishing” (SMS phishing), aimed to steal personal and financial information from unsuspecting passengers travelling through busy Tube stations.
Suitcase devices used on busy Tube platforms
Investigators said the fraudsters carried the SMS-blasting equipment inside large suitcases and deployed them at crowded locations across the London Underground network.
The devices were designed to mimic legitimate cell towers. Once nearby phones automatically connected to the fake network, the system broadcast fraudulent text messages to hundreds of commuters.
Many of the messages pretended to be from delivery companies such as Royal Mail or Evri, claiming that a parcel delivery had failed and asking recipients to click a link to resolve the issue.
Victims who clicked the links were directed to fake websites where they were prompted to enter personal details such as names, addresses, and banking information.
FutureCrime Summit 2026: Registrations to Open Soon for India’s Biggest Cybercrime Conference
Organised gang behind the operation
Investigators identified an organised crime group behind the scam, led by Zhijia Fan, who allegedly orchestrated the operation with assistance from accomplices including Daoyan Shang and Wan Mohd Hafiz.
The suspects wheeled the suitcases containing SMS-blasting equipment through Tube stations and platforms to maximise the number of potential victims.
Prosecutors told the court that the goal of the scheme was to “plunder their bank accounts” by harvesting personal data through the fake parcel-delivery messages.
Authorities also discovered equipment used to assemble the devices, including antennas and power units, during searches of the suspects’ premises.
Plot uncovered by off-duty police officer
The fraud scheme began to unravel when an off-duty British Transport Police detective noticed a suspicious suitcase with ventilation holes and flashing lights at a London Underground station.
The officer alerted colleagues, who seized the suitcase and discovered the concealed SMS-blaster device inside.
Further investigation uncovered additional devices being used across the transport network.
Arrests and sentences
Following the investigation, several members of the gang were arrested and prosecuted.
Fan was sentenced to four years and eight months in prison, while Shang received two years and ten months, and Hafiz was jailed for one year and two months. Another accomplice, Gatis Lauks, received a two-year suspended sentence for his role in the fraud.
Authorities also seized over 10,000 gift cards loaded with more than £80,000, believed to be proceeds from the scam.
Rising threat of “smishing” attacks
Cybersecurity experts say SMS-blasting technology represents an emerging threat because it allows criminals to send fraudulent messages without knowing victims’ phone numbers and bypass traditional telecom spam filters.
Because the devices operate like temporary mobile towers, phones automatically connect to them, enabling scammers to broadcast large numbers of messages in crowded locations such as transport hubs.
Authorities have warned commuters to remain cautious about text messages containing links requesting personal or financial information.
Investigation and awareness efforts
Law enforcement agencies are now working with telecom operators and cybersecurity experts to monitor and detect similar devices.
Officials say the case highlights how criminals are increasingly using portable technology and social engineering tactics to target large groups of people in public spaces.
