Report Date: November 08, 2025
Based on publicly reported cases up to November 8, 2025, there have been at least 16 distinct incidents worldwide involving confirmed or suspected criminal (non-state) deployment of IMSI catchers (including hybrid SMS blasters/rogue base stations) for purposes like smishing, blackmail, or espionage. These are primarily linked to organized fraud syndicates, with concentrations in Southeast Asia and Europe. The tally focuses on incidents with detections, arrests, or convictions; underreporting persists due to the devices' covert nature. No centralized global database exists.
| Case # | Location & Date | Details | Outcome |
|---|---|---|---|
| 1 | Czech Republic (nationwide), 2012 | Unauthorized IMSI catchers ("agátas") detected, suspected for business espionage or extortion by criminal gangs. Devices mimicked cell towers to intercept data. | No arrests; investigation unresolved. |
| 2 | South Africa (Pretoria), August 2015 | Three men (including a Welkom millionaire) attempted to sell/use an Israeli-made IMSI catcher for blackmailing officials and rigging state tenders via intercepted communications. Hawks posed as buyers in sting operation at Irene Mall. | Three arrests by South African Police Service; charged with illegal possession and use. |
| 3 | Norway (Oslo & Bergen), September 2023–January 2024 | 25-year-old Malaysian national drove vehicle with 4G/2G IMSI catcher to intercept numbers for mass smishing mimicking banks, targeting ~250,000 people. Initially suspected of spying near government sites. | Convicted of fraud in Oslo District Court (January 2024); 3-year sentence upheld by Supreme Court (July 2024). Device seized by Økokrim. |
| 4 | France (Paris region), December 2022 | Syndicate used vehicle-mounted IMSI catcher to send fraudulent Ameli/Chronopost smishing SMS, forcing phones to connect via fake base station. Probe started after Orange complaint in October 2022. | Vehicle/device seized; 14 defendants (including Chinese seller extradited from Switzerland) to stand trial for fraud, data interception, and unauthorized frequencies. |
| 5 | United Kingdom (London), June 2024 | Two men (incl. Huayong Xu, 32) deployed homemade IMSI catcher via vehicle antenna to harvest numbers for thousands of bank/service smishing messages. | Arrests by City of London Police; one charged, court in June 2024. First confirmed UK criminal case. |
| 6 | Thailand (Bangkok), April 2024 | Six suspects (incl. two from Hong Kong/China) in transnational scam ring used vehicle IMSI catchers to intercept metadata for bank-mimicking SMS phishing. Devices via Telegram; linked to Philippines ops. | Arrests by Cyber Crime Investigation Bureau; three vehicles/devices seized. One victim defrauded. |
| 7 | Philippines (Parañaque), January 21, 2025 | Malaysian national Thiang Choon Wee, syndicate leader, supplied portable "Octopus 5G" IMSI catchers/SMS blasters for text scams across Philippines, Cambodia, China, Thailand. Device bypassed SIM/Wi-Fi needs. | Arrest in joint op by CICC, PNP-ACG, BI, NTC; charged with supplying scam tools. Equipment (incl. jammers, fake currency) seized. |
| 8 | Philippines (nationwide), February 20, 2025 | Five suspects operated IMSI catcher-equipped vehicles surveilling government/military sites, potentially for data theft or espionage-linked fraud. Detected via network monitoring. | Arrests by NBI Cybercrime Division and AFP task force; devices confiscated. |
| 9 | United Kingdom (London), March 2025 | Chinese student Ruichen Xiong used vehicle-mounted SMS blaster (IMSI hybrid) to send government-mimicking smishing to tens of thousands for credential theft. | Arrest and imprisonment; part of rising scam trend. |
| 10 | Philippines (Pasay), March 7, 2025 | Alias "Dante" (ex-POGO security guard) sold backpack-portable IMSI catcher for P600,000 via social media, capable of mass SMS and 500m data harvesting. | Arrest by PNP cyber investigators after marked money sting on Roxas Blvd.; device seized. |
| 11 | Philippines (Manila), April 2025 | Chinese national operated vehicle IMSI catcher near Commission on Elections office for potential election surveillance/data theft. Device snatched messages/tracked locations. | Arrest by NBI; device confiscated. China denied ties. |
| 12 | Thailand (Bangkok), August 2025 | 35-year-old South Korean courier for Chinese syndicates drove rental car with IMSI catcher (false base station) for bulk spoofed smishing in urban areas, directed via Telegram. | Arrest by CCIB; device seized. |
| 13 | Switzerland (Muttenz, near Basel), October 14, 2025 | 52-year-old Chinese national drove SMS blaster (IMSI hybrid) sending smishing impersonating Post Office, Migros, UBS for loyalty point phishing. | Arrest by Swiss police; device seized. |
| 14 | Switzerland (western region), October 2025 (approx.) | Three men (ages 21–30) operated two vehicle SMS blasters for smishing campaigns. Third was vehicle owner. | Three arrests by Swiss police; devices seized. |
| 15 | Cambodia (Sihanoukville), October 20, 2025 | 24-year-old Cambodian man drove Toyota Prius with two backseat SMS blasters (silver cases) for phishing hyperlink SMS, linked to Chinese scam compounds. | Arrest by Preah Sihanouk Provincial Police; devices seized. |
| 16 | Cambodia (Sihanoukville), November 1, 2025 | Two suspects in separate cars carried trunk SMS blaster during roadblock on Mithona Street, for urban smishing ops amid scam hubs. | Two arrests in 624-car search by local police; devices seized. Additional unrelated arrests. |
Based on disclosures, FOIA requests, and investigations up to November 8, 2025, there have been at least 13 documented deployments by law enforcement or security agencies globally. These are used for tracking suspects, counter-terrorism, and immigration enforcement, often under secrecy agreements. US agencies dominate reports due to ACLU advocacy; European uses face privacy scrutiny. Warrants are required in some jurisdictions (e.g., California), but not all. No global tally exists, but estimates suggest 100+ agencies worldwide.
| Case # | Location & Agency (Date) | Details | Outcome/Notes |
|---|---|---|---|
| 1 | USA (Palm Bay, FL) - Palm Bay PD (2006) | Used StingRay to track phones during bomb threat at middle school; Harris Corp. operated device. | Threat neutralized; no warrant obtained. First public local use. |
| 2 | USA (Baltimore, MD) - Baltimore PD (2010) | Deployed StingRay to locate suspect in identity theft/tax fraud case (Rigmaiden). | Suspect arrested; led to court challenge on warrantless use and secrecy. |
| 3 | USA (Nationwide) - FBI (2012–ongoing) | Agreements with 48+ local PDs for StingRay use in investigations; NDAs limit disclosure. | Widespread adoption; ACLU FOIA revealed scope, sparking policy debates. |
| 4 | USA (Various states) - Multiple PDs (2013) | ACLU confirmed use in WA, NV, AZ, AK, MO, NM, GA, MA for criminal tracking. | Public map created; prompted state-level warrant requirements (e.g., CA 2015). |
| 5 | USA (Nationwide) - ICE/DHS (2023–2025) | Vehicles with fake cell towers for immigration surveillance; used without warrants in many cases. | Congressional report (2023) criticized; 2025 TechCrunch exposé on purchases. |
| 6 | USA (Protests nationwide) - Various LE (2020–2024) | Deployed at BLM/2024 election protests for crowd monitoring via cell-site simulators. | Disrupted 911 calls reported; EFF/Marshall Project highlighted disproportionate impact on minorities. |
| 7 | UK (Nationwide) - Multiple Forces (2016) | At least 7 forces (e.g., Met, Gwent, Leicestershire) used IMSI catchers for harvesting phone data. | Guardian FOI revealed higher usage; ongoing secrecy via "neither confirm nor deny." |
| 8 | UK (London) - Metropolitan Police (2015–ongoing) | Used in counter-terrorism and serious crime ops; deployed vehicle-mounted. | Integrated into RIPA framework; privacy complaints to IOPC. |
| 9 | Sweden (Nationwide) - Swedish Police (2010s–2022) | Deployed in criminal investigations as fake base stations; man-in-the-middle attacks. | Privacy risks documented in 2022 thesis; requires judicial approval under LEK. |
| 10 | Ireland (Dublin) - Garda Síochána (2014) | Used IMSI catchers to surveil GSOC offices amid corruption probe. | Scandal exposed by Privacy International; led to oversight reforms. |
| 11 | Canada (Edmonton) - Edmonton PS (2015) | Ambiguous confirmation of StingRay-like use in public safety ops. | Statement retracted; raised PIPEDA privacy concerns. |
| 12 | Australia (Nationwide) - Australian Federal Police (2018–ongoing) | Reported in counter-terror and organized crime; secrecy under TIA Act. | Parliamentary inquiries (2020) called for transparency; limited public details. |
| 13 | Germany (Hamburg) - Hamburg State Police & Federal Police (July 5–8, 2017) | Deployed IMSI catchers during G20 Summit for real-time tracking of protesters' movements and communications in high-protest zones (e.g., Schanzenviertel). Integrated with radio interrogation, silent SMS, and video surveillance; vehicle- or fixed-mounted. | Affected tens of thousands; contributed to 476 officer injuries, 186 arrests. Criticized for privacy/assembly rights violations; sparked 2017 parliamentary inquiries and reviews under TKÜV. No major policy changes, but increased scrutiny. |