Smishing – or SMS phishing – is becoming increasingly common. SMS scams look a lot like traditional email scams, in which a fraudster tries to convince you to click a malicious link or provide personal information using messages that look like they came from your bank or another official source. If you get a message claiming to be from your bank reporting fraudulent activity, or a message from a delivery company saying they failed to deliver a package, you may be the target of a smishing attack.
Unfortunately, these messages are becoming harder to detect. Scammers are getting better at crafting convincing messages, and have started to use old 2G technology networks to make their messages appear to come from legitimate sources.
Cellular carriers largely left 2G technology behind years ago. And the newer 3G, 4G, and 5G networks all require mutual authentication, which confirms you're connecting to a legitimate network. However, 2G networks have far less security built-in. And your phone still supports the old 2G protocol as a fallback for emergency calls and because some rural areas have very limited cellular coverage.
By taking advantage of the security limitations of 2G, hackers can trick phones into connecting to fraudulent 2G networks using cell-site simulators. How? Our phones are designed to automatically connect to the tower with the strongest signal so you always get the best cellular service. That means a scammer with a strong cell-site simulator can fool your phone, and you won't even notice it connected to a new network.
The technology to carry out these attacks is getting cheaper and easier for criminals to get their hands on. Cell-site simulators can be bought online or built by tech-savvy scammers and then carried in a car or a backpack through crowded areas where they can catch the most victims. There are many potential privacy risks to this type of attack, but right now we're seeing scammers use these 2G networks for smishing attacks, often called SMS Blaster attacks. Because your phone connects to the scammer's network instead of a cellular carrier's network, these SMS attacks bypass spam and fraud protection filters, and scammers can spoof the text message details to make it appear completely authentic.
Read more: How to Stop Spam Text Messages
Though we haven't seen 2G smishing in the United States yet, such scams have popped up all over the world – precisely because these convincing scams work. The technology has helped hackers scam victims in Vietnam, France, Norway, Thailand and the UK. This spring, scammers were arrested in Bangkok carrying an SMS blaster in a backpack through a shopping mall, and this summer a scammer in London was arrested with a homemade SMS blaster – in both cases, the scammers sent out thousands of messages to unsuspecting victims before getting caught.
So how can you protect yourself from 2G smishing scams? That depends on what type of phone you use. Most Android phones will let you turn off 2G connectivity directly, which I highly recommend you do. There is no need for 2G connectivity in normal usage, and in the extremely rare instance where it is the only available network, emergency calls will still go through even with 2G turned off. The process to turn off 2G, unfortunately, is much less user-friendly for iPhone owners, but I will walk you through that, as well.
How to block 2G networks on Android
Most Android phones, notably the newer Google Pixel models, allow you to disable 2G entirely, so your phone will never connect to networks that don’t require authentication. To disable 2G on Android: go to Settings > Network & Internet > SIMs > Allow 2G and toggle it off.
If you don’t see this option, your phone or carrier may not support blocking 2G networks. Contact your carrier for guidance.
How to block 2G networks on iPhone
Unfortunately, there isn’t an easy way to disable 2G on your iPhone – at least not without affecting other functionality. Phones running iOS 17 or above have a Lockdown Mode for the ultimate in security protection, and it blocks 2G networks as well as many other potential security risks. But it also blocks some things you might want to use: you won’t get message attachments and some web pages may not load because Lockdown Mode blocks anything that could possibly contain malicious code.
To disable 2G on iPhone, turn on Lockdown Mode by going to Settings > Privacy & Security and toggling on Lockdown Mode. After that, you need to tap Turn On & Restart, then enter your passcode.
You probably won’t want to use this all the time because it can severely limit phone functionality, but it might be worth turning on if you’re going to be in a crowded location that a scammer might target or traveling overseas.
Read more: How to Tell if Your Phone Has Been Hacked
Other ways to avoid 2G smishing scams
Regardless of which phone you use, the best way to defend yourself from any smishing attack is to be extremely wary of unsolicited text messages. If a message claims to come from your bank, healthcare provider, or other business, don’t click on any links. Instead, go to the company’s web page directly to contact them about the message and verify that it’s legitimate. Never click on a link in an unsolicited text message or provide sensitive personal information. Following common sense security practices can still keep you safe.
[Image credit: screenshot via Techicious, phone mockup via Canva]
Elizabeth Harper is a writer and editor with more than a decade of experience covering consumer technology and entertainment. In addition to writing for Techlicious, she's Editorial Director of Blizzard Watch and is published on sites all over the web, including Time, CBS, Engadget, The Daily Dot and DealNews.
From james on August 05, 2024 :: 6:23 pm
TY BUT have new S24 and there is NO setting for turning off 2 G
Reply
From Kevin M Maloney on August 05, 2024 :: 6:51 pm
There is on my S24U, Settings< Connections < Mobile Network< [toggle] Allow 2G service
Reply