Three men drove around the Greater Toronto Area with a device that could impersonate a real cell tower, force thousands of nearby phones off the legitimate network, and silently flood those devices with fraudulent phishing text messages. Tens of thousands of people were hit. Some of them couldnβt call 911 while the device was active. On April 23, 2026, Toronto Police arrested all three β the first case of its kind in Canadian history.
Project Lighthouse, as Toronto Police named the investigation, began in November 2025 when authorities were alerted to a suspicious device operating in downtown Toronto. What followed was a months-long surveillance operation coordinated with Telus, Canadaβs second-largest mobile carrier, that tracked the device as it moved through multiple locations across the GTA before culminating in last weekβs arrests.
What Is an SMS Blaster?
An SMS blaster β also known as an IMSI catcher, a fake base station, or an βIMSI simulatorβ β is a device that exploits a fundamental vulnerability in how mobile phones connect to cellular networks. Phones are designed to automatically connect to the strongest available signal. They do not independently verify that the tower they are connecting to is operated by a legitimate carrier.
An SMS blaster exploits this trust. It broadcasts a signal that mimics a real cell tower β including, in sophisticated versions, the carrierβs network identifier β at a power level higher than nearby legitimate towers. Phones in range disconnect from the real network and connect to the rogue device instead. At that point, the device operator has significant control over what those phones receive.
In the Toronto operation, the suspected use was smishing β SMS phishing. Once phones connected to the rogue tower, the device sent fraudulent text messages to each connected handset. These messages were crafted to appear as legitimate alerts from banks, government agencies, or delivery services β with links designed to steal usernames, passwords, and financial credentials.
The Emergency Services Problem
Beyond financial fraud, the Toronto case exposed a public safety dimension that police have flagged as particularly serious: while connected to the rogue tower, affected phones could not reliably contact emergency services.
Because the SMS blaster forced phones off the legitimate Telus network, users who needed to call 911 during the operationβs active periods faced potential failure or delay. Toronto Police explicitly described this as a safety risk in their public statements.
This transforms an SMS blaster from a financial fraud tool into a potential public safety threat β particularly if one were operated during an emergency event, a crowd situation, or in proximity to a hospital or emergency facility.
The Investigation: Telus and Toronto Police
The months-long investigation is notable for its public-private cooperation model. Toronto Police worked directly with Telus, which has network monitoring infrastructure capable of detecting anomalous signal patterns that indicate the presence of a rogue cell tower.
When an SMS blaster operates, it creates a detectable signature in network telemetry: a cluster of handsets in a geographic area simultaneously dropping off the legitimate network and then reconnecting moments later. Telus identified this pattern and alerted police, providing signal data that helped investigators track the device as it moved through the GTA over subsequent months.
This kind of carrier-law enforcement cooperation is increasingly critical for detecting physical fraud hardware. Unlike purely software-based cyberattacks, SMS blasters require physical proximity β the device needs to be near its targets. That physical footprint creates opportunities for detection and interception that remote attacks donβt.
The Arrests
Three men were arrested and charged with 44 offences including fraud and mischief:
- Dafeng Lin, 27, of Hamilton
- Junmin Shi, 25, of Markham
- Weitong Hu, 21, of Markham (turned himself in on April 21, two days before the formal announcement)
All three face charges under Canadaβs Criminal Code. Police have not released details on the specific financial institutions or services the fraudulent messages impersonated, or the number of victims who clicked through and had credentials stolen β that investigation is ongoing.
Why This Matters Beyond Canada
SMS blasters are not new technology. They have been documented in fraud operations in the United Kingdom, Australia, Hong Kong, and across Southeast Asia for several years. In the UK, police have seized multiple SMS blasters used by organized criminal groups to run banking impersonation campaigns. Hong Kong police disrupted a major SMS blaster operation in 2023. Australiaβs ACCC has warned about the technique repeatedly.
What is new is the Canadian context β and the fact that this is being documented, prosecuted, and publicized as a first. That means the tactic is spreading geographically, likely carried by criminal networks that have seen its success in other jurisdictions and exported it.
For consumers in Canada β and by extension anyone living in any major urban area β the Toronto case is a reminder that fraud doesnβt only arrive via email or a call center. It can arrive via a device parked on the street outside your office.
How to Protect Yourself From SMS Blaster Attacks
The core defense against smishing β whether from an SMS blaster or a conventional bulk text campaign β is the same: never click links in text messages, regardless of how legitimate they appear.
SMS is an inherently insecure channel. It was not designed for authentication, and text messages can be spoofed, intercepted, or injected by anyone with the right equipment. Any message that asks you to click a link, verify information, or take urgent action should be treated with suspicion.
Specific protections:
- Never tap links in SMS messages from banks, delivery services, government agencies, or any other entity β even if the sender appears correct. Go directly to the official website by typing the address yourself or using a saved bookmark.
- Enable Wi-Fi calling on your phone, which routes calls and texts over your internet connection rather than the cellular network. This makes SMS blaster interception ineffective because your phone isnβt relying on the cellular signal the rogue tower provides.
- Use encrypted messaging apps (iMessage, Signal, WhatsApp) for personal communication rather than standard SMS. These apps route through data connections and are not interceptable by cellular-layer attacks.
- Report suspicious texts to your carrier (forward to 7726 in Canada and the US) and to the Canadian Anti-Fraud Centre at antifraudcentre-centreantifraude.ca.
If you received unexpected bank or government texts in the Greater Toronto Area in recent months and clicked through to provide any information, treat your financial accounts as potentially compromised and contact your bank directly.
Sources: The Record Β· CBC News Β· Globe and Mail Β· CP24 Β· Toronto Police Service
