The Shadowy Sim Farms Behind Those Incessant Scam Texts - And How To Stay Safe

Infrawatch

Follow ZDNET: Add america arsenic a preferred source on Google.

ZDNET's cardinal takeaways

• "SIM workplace as-a-service" setups are utilized for financial fraud, spam, phishing, and online merchandise scalping. 
• These hidden telephone factories run successful nan shadows to support large-scale scamming and phishing.
• SIM-related scams you should cognize about, and really to enactment safe.

Your sister texts you, frantic, requesting a speedy rate injection to get her retired of a sticky situation.

The problem is, you don't person a sister. 

Cold-call security scams, clone promotional calls from your telecommunications provider, and moreover panic-inducing phishing calls and texts are portion of our regular lives. They're frustrating, annoying, and sometimes, we autumn for them. But wherever do these calls travel from? 

Also: 'Job seekers person to beryllium detectives': 3 signs that listing is simply a scam

Racks of mobile phones, SIMs, and cellular modems dress up today's SIM farms, which are often rented to cybercriminals to transportation retired automated attacks worldwide. Just because a matter connection appears to person been sent from a section number doesn't mean it really was, and unfortunately, it is this entree to section telecom infrastructure that galore scammers trust connected coming erstwhile trying to dupe you into trusting nan clone messages and calls they send.

What is simply a SIM farm?

A SIM workplace is simply a web of hundreds, moreover thousands, of mobile SIM cards -- backed by hardware specified arsenic modems and handsets -- that run simultaneously to execute a assortment of tasks. 

This mightiness bring to mind cryptocurrency mining farms, wherever precocious volumes of computing hardware and immense amounts of energy are utilized -- sometimes illegally -- to excavation cryptocurrency. SIM farms, too, require dedicated hardware and are group to execute tasks, but alternatively of focusing connected crypto aliases different integer assets, they're often utilized arsenic connection systems. 

SIM farms themselves are not needfully malicious. For example, businesses whitethorn usage them for telecom-related testing, measuring, and scaling; developers whitethorn usage them to behaviour mobile app tests, and they could besides beryllium utilized for morganatic bulk business messaging. 

Also: Dealing pinch silent robocalls? This is why scam callers support quiet

However, they tin -- and often are -- utilized pinch malicious intent. When fraudsters person a web of SIMs astatine their disposal, they tin execute and automate spam texting and calling, sending a barrage of messages to imaginable victims pinch small quality oversight. 

SIM farm-backed phishing, spam, and organized fraud connected this standard causes misery and vexation for us, but nan communicative doesn't extremity there. The U.S. Secret Service also believes that these operations could disrupt telco work and whitethorn beryllium utilized by criminal groups and cartels to nonstop encrypted messages to 1 another. 

SIM farms exposed: 94 locations, 17 countries

A recent investigation by Infrawatch highlights conscionable really SIM farms work, noting that specified rentable infrastructure "enables large-scale fraud and abusive automation." 

The SIM workplace web astatine nan bosom of this investigation included 94 beingness locations containing SIM-related hardware crossed 17 countries. Many of nan SIM farms were located successful nan US, pinch instances besides recovered successful Europe and South America. 

Also: Lock down your AT&T relationship to forestall SIM swapping attacks - here's how

A shared power sheet connected each workplace to nan network, which has been linked to Belarus and to Russian-speaking audiences and promoted crossed Telegram and different online channels. SIM-related services were connected to astatine slightest 24 commercialized proxy providers and 35 cellular providers. Few Know Your Customer (KYC) checks were found, which suggests nan web could beryllium accessed by "any buyer," according to nan team.

Unfortunately, this is acold from nan first clip a SIM workplace has been discovered, and each 1 that spins up represents much problems for our privateness and security.  

Why are SIM farms a problem?

When SIM farms are operated aliases accessed by criminals, they are often utilized for bulk messaging, spam, and phishing. As each SIM acts for illustration a abstracted device, it tin besides beryllium utilized to create accounts for scalping, to tally malicious proxies, aliases to build bot networks connected societal media and forums that dispersed misinformation and propaganda. 

Bots are a awesome issue, but because SIM farms besides springiness users entree to a assortment of geographic areas astir nan world, this benefits scammers who want section connections successful their phishing attempts -- specified arsenic US telephone numbers to target US citizens. 

Also: I'm a tech professional, and an AI occupation scam almost fooled maine - here's really I caught on

"SIM farms alteration a scope of illicit and abusive activity astatine [an] business standard and are supported by a broader downstream ecosystem of software, infrastructure, and commercialized evasion services," nan squad says. 

In September 2025, nan US Secret Service dismantled a SIM workplace -- comprising complete 300 SIM-based servers and packing complete 100,000 SIM cards -- that was operating adjacent nan UN. Law enforcement said this web could person been utilized for acold much than phishing, pinch nan imaginable of cellular blackouts, web postulation floods, and jammed 911 lines making it a important information threat. 

Only a period later, Europol supported Operation SIMCARTEL, which led to nan shutdown of a SIM workplace linked to complete 1,700 cyber fraud cases successful Austria and Latvia. 

The ineligible problem

In galore countries, SIM farms are legal, and they were erstwhile a communal measurement to behaviour morganatic testing and connection tasks. The instrumentality itself isn't illegal, but SIM-farm applications and usage are successful a ineligible grey area and are apt challenging for regulators to grip properly.

However, times are changing. Recognizing really SIM farms often underpin wide scams, phishing campaigns, and bot-based scalping programs, governments are starting to return action.

Also: How to cheque if a matter connection is spam connected Android - and nan free instrumentality I trust on

In nan UK, for example, nan authorities intends to ban nan "possession and supply" of SIM farms.

"The barrage of scam texts and telephone calls we person seen from fraudsters causes affectional distress and financial misery to millions," said erstwhile UK Security Minister Tom Tugendhat. "The caller discourtesy will mean criminals are nary longer capable to get SIM farms and akin technologies to perpetrate fraud. This will springiness constabulary further devices to disrupt nan vile criminals that target nan UK public."

They won't person immoderate power complete SIM farms located successful different countries, but it's a start. 

4 ways to enactment protected

1. Trust nothing: SIM farms supply nan infrastructure to nonstop precocious volumes of spam and phishing messages globally. Just because a telephone number sending you a connection appears section doesn't mean it's not a scam.
2. Be alert of caller scams: Scam artists alteration their strategies each nan time. Gone are nan days of scams claiming you've won nan lottery. Phishing and fraudulent messages often look to travel from trusted sources, specified arsenic family, friends, colleagues, aliases institutions, including banks and retailers. 
3. Notice patterns: Generic greetings, grammatical errors, and shortened URL links are each often indicators of a fraudulent message. You should ne'er click links successful matter messages; if you aren't judge whether nan connection is genuine, usage different method to verify its contents -- specified arsenic making a call.
4. Urgent is seldom urgent: If you person a connection pinch "urgent" content, specified arsenic a request for payment, a missed delivery, aliases moreover an SMS supposedly from a family personnel who needs money for aesculapian treatment, retrieve that fraudsters attraction connected creating panic, successful nan dream that their victims will make a rash determination and manus complete either their information aliases their cash.

Also: I tested NordVPN's free scam checker pinch existent phishing emails - here's really it fared

Another SIM-based threat to beryllium alert of

Fraud, automated spam, and phishing aren't nan only threats that our cellular connections and mobile devices -- nevertheless useful they are -- expose america to. You should besides cognize astir SIM-swapping. One of ZDNET's ain writers, Matthew Miller, was a victim of this attack, starring to nan discuss of his online accounts and nan theft of $25,000, which was withdrawn from his slope relationship to acquisition cryptocurrency. 

Also: I've been subscribed to a information removal work a period now - what I wish I knew sooner

SIM swapping occurs erstwhile a bearer hands complete power of your SIM to a criminal. This happens erstwhile a fraudster impersonates you, typically done a telephone call, and convinces a customer work typical to transportation power of your telephone number to them. With capable accusation and your number successful hand, they person a short model to hijack your accounts by utilizing phone-based 2FA authentication. 

Victims will first announcement a abrupt nonaccomplishment of service, and immoderate online relationship associated pinch their number will past beryllium astatine risk. 

The cardinal is accelerated action, pinch a sprinkle of luck and a batch of determination. You request to interaction your bearer and regain your number, and past travel Miller's guide connected what to do adjacent if you are a unfortunate of this insidious onslaught method.