Project Lighthouse: Toronto Police Disrupt SMS Blaster “Rogue Cell Tower” Smishing Operation
SMS blasters/Source: Toronto Police Service
EXECUTIVE SUMMARY
Toronto Police say they arrested three men and seized multiple “SMS blaster” devices in what they describe as Canada’s first detected case of this mobile, fake-cell-tower smishing technology. Investigators allege the devices pushed fraudulent texts to tens of thousands of phones across the Greater Toronto Area and caused more than 13 million network disruptions, including potential short-term interference with legitimate cellular access and 911 connectivity.
ANALYSIS
Project Lighthouse is notable less for “a new scam” and more for a new delivery mechanism that changes the scale and safety implications of smishing. An SMS blaster works like a rogue mini cell tower: nearby phones connect to it, and the operator can blast texts that look like they’re from trusted entities (banks, toll services, delivery companies, parking authorities). That combination removes two common defenses at once: carrier-side filtering and consumer skepticism tied to unfamiliar sender details.
Toronto Police report the device was first flagged in November 2025 by a cybersecurity partner and then tracked as it moved around downtown Toronto and other GTA locations over several months. Police allege “tens of thousands” of devices connected during that period, and cite “more than 13 million network disruptions.” The public-safety angle is what separates this from routine fraud reporting: investigators say the disruptions could temporarily block a phone from connecting to a real tower, with the practical consequence that emergency calling access can be impaired for short windows (seconds to minutes). Even if those windows are brief, the risk becomes non-trivial when repeated at scale and in dense areas.
The enforcement picture suggests a technically supported investigation rather than a single lucky traffic stop. Toronto Police highlight coordination with the RCMP’s National Cybercrime Coordination Centre (NC3), other police services, telecom partners, and major financial institutions—consistent with a case that likely required correlating telecom anomalies, geographic movement, and victim/report patterns. One telecom-focused account describes how carriers can spot “missing” texts in network logs (because the messages never traversed the carrier network) and then work the problem as a spectrum/rogue-tower issue rather than a conventional phishing campaign.
The arrests and charges frame this as both fraud and interference with critical communications. Two accused face “mischief endangering life,” alongside fraud, personation, computer-system offenses, and identity/forgery-related charges. Police also publicly withheld images/details of the locally seized hardware, describing it as “uniquely built,” which is consistent with a posture that treats device design as a capability worth not broadcasting.
Separate commentary reporting ties the Toronto case to an international pattern: mobile, vehicle-based SMS blasting operations seen in multiple countries, often with low-level operators and higher-level logistics remaining opaque. That broader pattern may or may not map cleanly onto Toronto’s defendants, but it does underline a simple operational reality for North American agencies: once the technique is demonstrated locally, copycat adoption becomes easier than inventing it from scratch.
SOURCES
