Google recommends disconnecting 2G networks to prevent SMS scams
Google has just issued a new recommendation to protect Android users from SMS scams. Accordingly, turning off 2G network connection is considered an effective prevention measure.
Google's warning is said to be important to protect users from the dangers of SMS attacks, which exploit security holes in outdated network protocols such as 2G networks.
SMS phishing attacks have become an increasing concern in recent years. These scams typically involve cybercriminals sending messages impersonating trusted organizations such as banks, government agencies, etc. These messages often contain phishing links or malware, designed to steal sensitive user data or infect devices with viruses.
Google has pointed out that the most serious SMS scams target the 2G network security vulnerability, a weakness in the outdated 2G mobile network system that allows cybercriminals to easily penetrate and carry out fraud.
How does a fake BTS work?
A fake BTS is a fake device that acts like a real mobile base station (BTS) to trick and attack mobile phones within its coverage area.
When using a fake BTS, bad actors can place this device between the phone's connection and the real BTS, performing a man-in-the-middle attack to steal information or defraud users.
Fake BTS works by exploiting security holes in 2G mobile networks and the way phones always connect to the station with the strongest signal. The fake BTS is placed in an intermediate position between the phone and the real BTS, then broadcasts a stronger signal to "trick" the phone into connecting.
To send messages to users, the common trick of cybercriminals is to create a fake BTS that can cover a range of about 2km. The fake BTS will interfere with the 3G or 4G signal around the network operator's BTS and broadcast at a stronger power to force the phone to switch to 2G connection with the fake BTS. When the phone connects to 2G with the fake BTS, the fake BTS will send messages to subscribers, causing phones within the coverage area to receive the messages. This is also the reason why many people in the same area will receive similar messages. Such a fake BTS device can spread up to about 70,000 messages a day.
While 4G and 5G mobile networks are becoming more and more popular, the outdated 2G network has become a “fatal weakness” of many mobile devices. Although users’ phones are equipped with the latest technology, the ability to connect to 2G networks still exists, creating a serious security hole that allows hackers to exploit and carry out cyber-fraud attacks.
The reason stems from the security hole of the GSM mobile network (2G network) which only has a one-way authentication feature, which means it allows the network to authenticate users, but does not allow users to authenticate the network again. Therefore, when mobile subscribers approach fake BTS stations, due to the strong signal intensity from the fake BTS station, the subscribers are temporarily transferred to the fake BTS station and at that time, bad guys take advantage of it to spread spam messages and scam messages.
Counterfeit BTS devices are often smuggled into Vietnam through unofficial channels. These devices are very compact, making it difficult for authorities to detect and inspect. In the process of committing violations, the subjects often use fake BTS stations on mobile vehicles such as cars and motorbikes.
Google's advice for Android users
To protect yourself from potential risks from outdated 2G networks, Google recommends that Android users proactively enhance the security of their mobile devices. One of the simplest and most effective ways is to completely turn off 2G connections by going to Settings -> Network & Internet -> SIM Cards -> Turn off 2G connections.
While most Android phones allow users to disable 2G connectivity, not all devices have this option. To ensure information security, users should regularly check and update the software on their mobile devices. Updating will help users have the latest security features and eliminate potential security vulnerabilities.
In addition to disabling 2G, Google is also working on a feature to combat rogue base stations. This feature will warn users when their mobile device is connected to an untrusted network. It is possible that this feature will appear in the Android 15 update, starting with the Pixel line and then expanding to other brands.
What about iPhone users?
Apple does not currently provide an option to turn off 2G directly. To turn off 2G connectivity, iPhone users must enable “lock mode,” a strict security feature that also disables many other iPhone functions.
Lockdown mode on iPhone is designed to provide maximum protection against cyber threats. Many iPhone users wish Apple would provide a more flexible solution that would allow them to turn off 2G without affecting the user experience of the device.
The use of fake BTS stations to spread scam messages in Vietnam
In Vietnam, in recent years, the Radio Frequency Department (Ministry of Information and Communications) has coordinated with professional units under the Ministry of Public Security to use technical equipment to identify fake BTS transmission sources. Specifically, in 2023, 19 cases of using fake BTS stations were arrested and in the first 6 months of 2024, 05 cases of using fake BTS equipment, specializing in spreading fraudulent and obscene messages, were arrested.
The people behind this method are mainly foreigners, hiring domestic individuals to deploy and spread scam messages. The group uses devices installed on cars and motorbikes, often traveling on many irregular routes. In addition, fake BTS stations are also set to turn on and off intermittently, making detection difficult and complicated.
To effectively prevent fraudulent messages, in addition to coordinating with relevant agencies to strengthen propaganda, inspection and control, the Radio Frequency Department has a new solution to detect and arrest subjects using fake BTS stations. That is, coordinating with network operators and police agencies, when a fake BTS station is operating, the network operator will recognize and isolate the area. After locating and accurately determining the location of the fake BTS stations, the Radio Frequency Department will coordinate with professional units under the Ministry of Public Security to make on-site arrests.
To avoid risks, the Information Security Department recommends that mobile users absolutely do not open links in strange messages of unknown origin, and do not log in to personal accounts at these addresses. To avoid being "trapped" by scams, people should be careful before making any financial transactions via social networks.
