Google has issued a new cybersecurity alert for smartphone users, warning of a rising wave of SMS-based attacks capable of bypassing standard security protections and compromising mobile devices. According to the company, the threat stems from weaknesses in older 2G networks, which allow scammers to send malicious text messages that appear authentic but are engineered to steal personal data or infiltrate a device’s system. These scams use sophisticated methods to evade detection, taking advantage of network vulnerabilities that still exist across many regions where 2G remains active.
The attacks are executed through devices known as SMS blasters or cell-site simulators, also called False Base Stations (FBS) or Stingrays. These portable systems mimic legitimate mobile towers, tricking nearby phones into connecting to them. Once a device is linked, attackers can inject fraudulent messages directly into the user’s inbox, bypassing spam filters and carrier-level security. Many of these messages resemble official alerts or banking notifications, making them extremely difficult for users to identify as fake. Originally built for law enforcement surveillance, this technology has increasingly been repurposed by criminal networks for widespread scams and identity theft campaigns.
Google explained that the majority of these attacks depend on downgrading smartphones to connect via 2G protocols, which lack modern encryption and mutual authentication safeguards. By forcing a device off 4G or 5G and onto a weaker 2G connection, hackers can conduct man-in-the-middle attacks, intercepting communications and transmitting fake SMS messages without detection. “Downgrading the user’s connection to a legacy 2G protocol abuses the lack of mutual authentication and forces connections to be unencrypted,” Google stated. Once compromised, devices can be targeted with phishing links or malware disguised as legitimate messages, placing sensitive information such as passwords and financial data at risk.
To mitigate these threats, Google has advised users to disable 2G connectivity on their devices. The company noted that Android 12 introduced an option allowing users to turn off 2G at the modem level, which effectively neutralizes the risk from SMS blasters. This feature has since evolved under Android 16’s Advanced Protection Mode, where 2G connections are disabled by default for added security. Samsung users also have access to similar functionality through the Maximum Restrictions mode, providing manual control over network settings. However, Apple users face greater limitations, as iPhones do not yet include a built-in option to block 2G access except under Lockdown Mode, which is intended for high-risk individuals and restricts other features.
Cybersecurity experts have warned that these SMS attacks are becoming increasingly common, with perpetrators targeting entire geographical areas instead of specific phone numbers. By broadcasting false messages to all nearby devices connected to compromised towers, attackers can reach thousands of users simultaneously. Experts urge the public to remain cautious of suspicious messages, avoid clicking unfamiliar links, and update their devices regularly to minimize exposure to emerging mobile threats.
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.
