All Episodes

Tom Roberts: National Cyber Security Centre threat and incident response team lead on the arrest of a teenager over 'smishing' scam

October 3, 2024 4 mins

Police have arrested a teenager after disrupting a 'sophisticated smishing scam' using new technology never seen in New Zealand before.

Authorities have described smishing - a form of phishing - as when a device known an 'SMS Blaster' is used as a fake cell tower and tricks nearby cellphones to connect to its fraudulent network.

This 'SMS Blaster' has reportedly sent thousands of fake texts claiming to be from banks - in order to encourage people to share their passwords, account details and other sensitive information.

National Cyber Security centre team lead Tom Roberts says the messages look professional.

He explained people click on the link thinking it's from the bank or insurance company - without realising they're entering in details for someone to steal. 

LISTEN ABOVE

See omnystudio.com/listener for privacy information.

Mark as Played
Transcript

Episode Transcript

Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:00):
Police have disrupted and arrested a teenager over a smishing scam.
I've never heard of the term either. Smashing uses technology
ever seen in New Zealand ever before. It involves sending
fraudulent text messages that are pretending to be from places
like banks in order to trick pill into sending into
sharing sensitive information. So the device in this case is

(00:22):
believed to have sent thousands of scam text messages, including
about seven hundred texts in one night. Tom Roberts is
the National Cyber Security Center's team lead for Threat and
Incident Response and is with us this evening. Calder, Good evening, Jack.

Speaker 2 (00:38):
How are you?

Speaker 1 (00:38):
Yeah, very well, thanks. I'd never heard of smishing until
right now. So how does this technology work?

Speaker 2 (00:44):
It's gord an old term, isn't it. It's something that, yes,
for the first time we've seen the So what it
does is a tower, ef faked tower tricks your phone
through four G five G down to two G where
there's a lack of sort of mutual authentication and encryption,
and then it will blast out if asses to whoever,
and they can the people that are making these misses

(01:06):
can basically put whatever they want in there. It could
have no links, it could have to be full of links.
But yeah, they get their money through pretending to be
something authentic.

Speaker 1 (01:15):
So they basically send out heaps and heaps of spam
texts and scam texts. Then they wait for a response
and hope that they're able to elicit personal information from
those responses.

Speaker 2 (01:28):
Yeah, and worryingly, what you can do with these mess
blasting attacks is that you can pretend to be a shortcoat.
So you know a tailco number one of the ones
a band tour.

Speaker 1 (01:41):
Yeah, so instead of saying from from oo to seven
six four four three nine eight seven, it says from
one for zero four, So it looks kind of professional.

Speaker 2 (01:51):
Looks very professional, hard to distinguish. And then you click
on the link saying, oh, well help, maybe insurance is
due or whatever, and good on the assurance company, your
bank for getting in contact with meybe, and all of
a sudden you're entering in your details for someone to steal.

Speaker 1 (02:05):
How hard is it to get your hands on tech
like this?

Speaker 2 (02:10):
Well, it's if you know how to do it, you
can get it.

Speaker 1 (02:15):
So you're not going to tell us how to do it.
That wouldn't be very nice.

Speaker 2 (02:21):
I don't think the employee would be too happy about that.
The Internet's a big place, so yeah, someone that wants
to has the inclination to do so, can do it.
I would say that it's exceptionally easy to see, and
that's why DIA police has been able to be so
quick on this. They've really done a fantastic job that

(02:41):
shotting this down quickly.

Speaker 1 (02:42):
How do you identify it?

Speaker 2 (02:45):
The telcos and di and the banks, so anomalies and
then reports going through them, and then they're able to see, oh,
actually there's a fake cell power that keeps on popping up,
and then you know, you can just sort of follow
your nose.

Speaker 1 (02:57):
Right, Okay, So a nineteen year old is believed to
have been behind these text messages and is going through
the legal proceedings at the moment. Do you need to
be technically literate in order to use this kind of technology?

Speaker 2 (03:12):
Yeah you do. Yeah, you don't have to be quite
technically literate, and you're quite quite young to be that
technically literate. It's something that typically the knowledge only exists
within the telecommunications or radio spectrum community. But yeah, it
is available, and obviously this person has found it and

(03:35):
tried to make best use of it unsuccessfully.

Speaker 1 (03:38):
Yeah, okay, I'm going to give you an opportunity just
to do the PSA. Then, if you get a text
asking some personal information, even if it looks official from
something like one for zero four, what do you do, Tom, Yeah.

Speaker 2 (03:48):
You don't click the link. Don't click the link. Report
it to di IA on seventy seven two six. I
think test. Don't deal with it. They'll stop it and
you'll be reflected.

Speaker 1 (03:57):
Yeah, very good. Thanks for your time, Tom. That is
Tom Roberts, who is the team lead for Threat and
Incident Response at the National cyber Security Sentaries. For more
from Heather Duplessy Allen Drive, listen live to news talks
it'd b from four pm weekdays, or follow the podcast
on iHeartRadio
Advertise With Us

Popular Podcasts

Stuff You Should Know

Stuff You Should Know

If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.

My Favorite Murder with Karen Kilgariff and Georgia Hardstark

My Favorite Murder with Karen Kilgariff and Georgia Hardstark

My Favorite Murder is a true crime comedy podcast hosted by Karen Kilgariff and Georgia Hardstark. Each week, Karen and Georgia share compelling true crimes and hometown stories from friends and listeners. Since MFM launched in January of 2016, Karen and Georgia have shared their lifelong interest in true crime and have covered stories of infamous serial killers like the Night Stalker, mysterious cold cases, captivating cults, incredible survivor stories and important events from history like the Tulsa race massacre of 1921. My Favorite Murder is part of the Exactly Right podcast network that provides a platform for bold, creative voices to bring to life provocative, entertaining and relatable stories for audiences everywhere. The Exactly Right roster of podcasts covers a variety of topics including historic true crime, comedic interviews and news, science, pop culture and more. Podcasts on the network include Buried Bones with Kate Winkler Dawson and Paul Holes, That's Messed Up: An SVU Podcast, This Podcast Will Kill You, Bananas and more.

The Joe Rogan Experience

The Joe Rogan Experience

The official podcast of comedian Joe Rogan.

Music, radio and podcasts, all free. Listen online or download the iHeart App.

Connect

Explore

iHeart

Live Radio

Podcasts

Artist Radio

Exclusives

News

Features

Events

Contests

Photos

Information

About

Advertise

Blog

Brand Guidelines

Contest Guidelines

Subscription Offers

Jobs

Get the App

Automotive

Home

Mobile

Wearables

© 2025 iHeartMedia, Inc.