Gang Members Sentenced for Scamming London Underground Passengers' Data

In February 2026, the British justice system handed down sentences in a high-profile case involving an organized criminal group that ran a sophisticated phishing campaign targeting passengers of the London Underground for eight months. As the investigation established, the scammers' key tool was specially modified devices, so-called 'SMS blasters', hidden inside ordinary wheeled suitcases. These suitcases were moved around various tube stations and tunnels, allowing for the automatic sending of thousands of fake text messages to phones within mobile network range. The message content concerned a supposedly undelivered parcel and contained a link redirecting to a spoofed website that imitated the portals of well-known courier companies. Victims, thinking they needed to confirm or pay for the delivery, entered their personal data, addresses, and full debit and credit card details there. The information obtained this way was immediately used for unauthorized transactions. The funds gathered this way, which according to the prosecution's final findings exceeded £600,000, were then 'laundered'. This method of money laundering involved the bulk purchase of gift cards, which complicated tracing the cash flow and identifying the beneficiaries. As a result of the trial, which concluded with sentences in February 2026, the court convicted four men directly involved in the scheme. Three of them – 24-year-old Yaseen Mahmood, 24-year-old Abdulah Mohammed, and 23-year-old Sadeck Amrani – received prison sentences. Mahmood and Mohammed were sentenced to four years in prison, while Amrani received two and a half years. The fourth defendant, 25-year-old Mohammed El-Megrioui, who pleaded guilty to the charge of participating in organized criminal activity, was sentenced to two years' imprisonment suspended for twelve months. The gang's activity, conducted from March to October 2023, focused on central and crowded tube stations where the concentration of potential victims was highest. The case shows not only the adaptation of classic cybercrime methods to physical public spaces but also the use of transport infrastructure as a channel for distributing malicious messages. SMS-based fraud methods, so-called 'smishing', became a common tool for cybercriminals in the early 21st century, parallel to the proliferation of mobile phones. In the UK, tens of thousands of such incidents are recorded annually, and authorities regularly warn about fake messages from courier companies, banks, and government offices. The Metropolitan Police and British Transport Police run joint awareness campaigns under the slogan 'Take Five to Stop Fraud'. Law enforcement representatives emphasized that this case is an example of the growing innovativeness of criminal groups. „This case shows how offenders are using technology in a way that bypasses traditional security measures and how vital public vigilance is.” — Detective Sergeant Victoria McParland They also warn that similar tactics could be replicated in other crowded public places, such as shopping centers or railway stations. They recommend that if you receive an unexpected message about a delivery, you should never click on attached links, but instead contact the sender directly using verified phone numbers or websites.