Updated: April 23, 2026 at 11:10AM EDT
Published: April 23, 2026 at 6:25AM EDT
Toronto police say three suspects are in custody in connection with a cybercrime investigation that involved technology never before seen in Canada.
The arrests in the probe, dubbed Project Lighthouse, were announced on Thursday afternoon.
Police said suspects used a “mobile SMS blaster” to intercept connections and send fraudulent texts directly to tens of thousands of devices in the GTA.
The suspects are facing a combined 44 charges, including fraud and mischief.
“We are speaking about an investigation that is a first in Canada and one that highlights how quickly the landscape of crime is evolving,” Deputy Chief Robert Johnson told reporters on Thursday morning.
The blasters, he said, are a “sophisticated device designed to mimic a cell tower, intercept connections, and send fraudulent text messages directly to people’s phone.”
“It is a technology that until now had not been detected operating anywhere in this country,” he added.
The goal of the fraud, Johnson said, is to “gain access to your personal and financial information.”
“What makes this particularly concerning is the scale and impact. This wasn’t targeting a single individual or a business. It had the ability to reach thousands of devices at once,” he said.
“Beyond the financial risk, there are real public safety implications. For instance, when devices are diverted from legitimate networks even briefly, it interferes with a person’s ability to connect to emergency services.”
The investigation began in November 2025, after police said a cybersecurity partner notified law enforcement about a suspected SMS blaster operating in downtown Toronto.
“Through the course of the investigation, we determined that the device was mobile and being run out of a vehicle, which allowed it to move throughout the Greater Toronto Area and be used in multiple locations,” Det.-Sgt. Lindsay Riddell told reporters.
“An SMS blaster works by mimicking a legitimate cellular tower. When people’s phones connect to it, they receive fraudulent text messages that appear to come from trusted organizations often directing them to click a link.”
The links, she said, lead to fake websites that are “designed to steal personal information, including banking credentials and passwords,” a practice commonly known as “smishing.”
“We believe tens of thousands of devices connected to the blaster over several months,” Riddell said.
She noted that 13 million network disruptions were detected, meaning that for a period of time, those devices were unable to connect to legitimate cell towers.
Search warrants were carried out last month in both Hamilton and Markham and two men were subsequently arrested.
Riddell said a third man turned himself into police earlier this week.
Multiple SMS blasters were seized during the raids, Riddell added, adding that the photo released by police of an SMS blaster does not depict the ones found in the GTHA.
“The ones we seized in Toronto were uniquely built and we are not sharing those publicly for safety reasons,” she said.
“We are pretty confident that we have dealt with all of them and there will be no further risk in the City of Toronto for this.”
Riddell was unable to provide an estimate of the total losses, saying they are still looking for other victims.
“If you believe you have been the victim of fraud, we encourage you to report it to police.”
She said the fraudulent messages may have related to parking fines or Hwy. 407 bills.
“If you receive a text message you weren’t expecting, do not click on any links. Be cautious of messages claiming to be from legitimate organizations requesting payment,” she said.
“Never share your personal or login information through unsolicited messages.”
©2026 BellMedia All Rights Reserved

source