Vienna Police Dismantle Large-Scale Phishing Operation Using “SMS Blaster” Technology
Vienna law enforcement has successfully concluded an extensive investigation into a sophisticated cybercrime operation, resulting in the arrest of a 32-year-old man. The suspect is accused of deploying “SMS blasters” to send millions of fraudulent text messages throughout the Vienna area, targeting unsuspecting citizens in an attempt to commit commercial fraud.
The Investigation and Arrest
The Vienna State Criminal Police Office, in collaboration with mobile network providers, identified that an unknown perpetrator had been operating in the region since at least April 6, 2026. The fraudulent activity involved the mass distribution of phishing SMS messages, often masquerading as communications from well-known parcel delivery services and mobile network operators.
Investigators observed that the suspect frequently targeted areas with high pedestrian traffic, such as major events, to maximize the reach of the phishing attempts. Following a period of focused surveillance, officers from the Special Units Directorate/Cobra Task Force apprehended the suspect on May 14, 2026, at approximately 3:47 PM. During the arrest, authorities discovered a six-month-old child in the vehicle with the suspect.
How the “SMS Blaster” Functions
The specialized hardware recovered from the suspect’s vehicle is capable of sending up to 100,000 messages per hour. These devices function as unauthorized mobile base stations, often referred to as “SMS blasters.”
When active, the device forces nearby mobile phones to connect to it rather than legitimate network towers. This process creates several security risks:
- Service Disruption: While connected to the device, users are unable to make phone calls, send text messages, or access mobile internet.
- Emergency Call Interference: The presence of such devices can potentially impair the functionality of emergency call systems.
- Phishing Vulnerability: By intercepting the connection, the operator can push mass fraudulent messages directly to devices in the immediate vicinity.
Legal Consequences
Following the arrest, the suspect—a 32-year-old Chinese national—confessed to the operation. He now faces serious legal charges. In addition to the suspicion of attempted commercial fraud, the suspect is charged with endangering the physical safety of his son due to the significant radiation emitted by the equipment operated in close proximity to the child.

A subsequent search of the suspect’s residence led to the seizure of additional technical equipment, including further SMS blasting hardware, computers, and mobile devices, indicating the scale of the operation intended to exploit mobile network vulnerabilities.
Key Takeaways
- Proactive Policing: The Vienna State Criminal Police Office utilized cross-agency cooperation with mobile providers to track the perpetrator’s movements.
- Public Safety Risk: Beyond the financial threat of phishing, the use of unauthorized base stations poses a significant risk to public infrastructure, including emergency services.
- Heightened Awareness: Authorities continue to warn the public to remain vigilant against unsolicited SMS messages, even those appearing to come from trusted brands or delivery services.
This arrest marks a significant step in the ongoing effort to combat high-tech fraud in Austria. As cybercriminals continue to adopt more sophisticated methods to bypass traditional security measures, law enforcement remains committed to monitoring for and neutralizing these threats to protect the integrity of mobile communications.