Google Advises Android Users to Turn Off Unsafe 2G Connections. Here’s Why

Tech giant Google has just issued a new warning about 2G calls for Android users and explained why disabling the feature is the best way to stay safe in dangerous situations.

For those who may not know, the company used the term SMS Blasters for a group of Stingrays, False Base Stations, and cell-site simulators that nefarious individuals use to trick cell phones into making calls. This gives rise to fake text messages.

One way to combat this attempt is to disable them or tap the option that disables them. Such unsecured 2G connections on the device are really worrying, security experts add.

The latest information comes from FASG, which has published a new information document for members aimed at gathering relevant information on SMS scams, as well as guidance for carriers and mitigation recommendations for all parties involved.

The latest document, which is available to GSMA members, refers to some specific recommendations for Android, as well as a number of features that can provide greater protection against these types of malicious attempts.

According to Google, fake news is only available to 2G users and may cause more cases of fraud. There are now more reports of global incidents that have occurred recently.

Attackers can simply fake this number to make it seem like it belongs to a reputable company when it actually doesn’t. Meanwhile, some reports have talked about it being used to deliver malware, such as scenarios where phishing texts are injected with certain URLs to download payloads.

SMS Blasters ultimately expose any fake 5G networks that introduce single functionalities. This involves downgrading in conjunction with 2G protocols. Such devices also highlight any fake 2G connections, which are known to encourage nearby devices to connect to them.

There are points where attackers abuse the well-known lack of mutual authentication in 2G connections and force the connections to become unencrypted. As a result, you get the entire PitM position for injecting SMS payloads.

Interestingly, such SMS Blasters are portable and sold online. They do not require much technical experience to use. Compared to the SMS phishing incidents that can be seen today, such direct delivery systems bypass networks and anti-fraud or anti-spam filters. In the end, there is the certainty that all text messages will reach the victims.

Google introduced the option to disable 2G connectivity back in Android 12 devices. This feature first appeared on Pixel phones, and then Google introduced another feature called “Allow 2G” to disable emergency calls, while emergency calls were still allowed.

When used properly it protects against the enormous risks that SMS Blasters pose.

Android also has options to disable all null ciphers as another protection mechanism, since 2G needs to configure the null cipher for SMS payload injection. This was introduced with Android 14, so devices must include radio HAL 2.0 and above.

Read next article: Google introduces new ‘School Time’ parental controls for Android