Your phone will connect to the strongest tower it hears. It does not ask for ID first. It assumes trust, and that assumption is the entire problem. I first noticed this in 2019 outside a security conference in Las Vegas. My test Android dropped from LTE to 2G for 47 seconds, then returned to normal. No user notification. The baseband logs showed a cipher downgrade to A5/0, a location area code that did not exist in any public database, and a silent authentication request. I was running SnoopSnitch because I was testing detection methods for a client. The log was clean evidence of an IMSI catcher in operation. That was six years ago, when the hardware still cost five figures. In 2026, you can build a functional LTE catcher for under $600 with open source software and a software defined radio. I know because I build them for red team exercises, then I build the tools to find them. If you carry a phone, you have probably connected to at least one fake tower this year.…