In a sweeping coordinated action code-named Operation SIMCARTEL, Europol and Eurojust have dismantled a criminal network running high-capacity SIM farms across several European states. The operation targeted infrastructure that enabled millions of fraudulent SMS messages and spoofed phone calls used in phishing and banking scams.
Investigators revealed that the group managed hundreds of GSM gateways connected to thousands of prepaid SIM cards. These devices automated mass delivery of smishing texts that impersonated legitimate banks, parcel services, and government agencies. Each SIM modem rotated numbers to bypass carrier detection, allowing persistent large-scale attacks.
Cross-Border Cooperation and Arrests
National cybercrime units in France, Germany, Spain, and the Netherlands executed synchronized raids. Law-enforcement agents seized servers, computers, and financial records linking suspects to smishing domains and VoIP spoofing services. More than fifty suspects were detained for questioning, with multiple prosecutions now coordinated through Eurojust.
The Scale of the Infrastructure
According to Europol, the dismantled network processed over 15 million fraudulent messages monthly. Investigators estimate losses to European victims in the tens of millions of euros. The seized hardware included cloud servers used to manage remote GSM pools and web panels controlling SIM banks hosted in multiple data centers.
Impact on Telecom Security
Telecommunication experts note that SIM farms undermine anti-spam defenses by exploiting legitimate carrier infrastructure. By distributing small volumes per SIM card, attackers stay below operator thresholds, complicating detection. The takedown will reduce smishing volumes temporarily, yet similar setups often reappear under new domains.
Next Steps for Law Enforcement
Europol’s European Cybercrime Centre (EC3) is analyzing seized servers to map additional networks that rent SIM-farm access to fraud groups. Authorities expect further arrests as digital forensics teams extract logs and cryptocurrency wallet traces.
Mitigation and Public Awareness
Cybersecurity professionals urge telecom providers to deploy advanced traffic analytics and stronger KYC checks for bulk SIM registrations. Individuals should remain alert to unsolicited SMS links, verify sender authenticity, and report smishing attempts through national portals.
Operation SIMCARTEL underscores the growing sophistication of organized cybercrime targeting telecommunications systems. Europol’s coordinated approach demonstrates that joint intelligence sharing and rapid action can disrupt high-volume fraud ecosystems. Continued vigilance and cooperative enforcement remain essential to protect consumers and networks.
FAQs
Q1: What is a SIM farm?
A SIM farm is an array of GSM modems loaded with multiple SIM cards that send automated SMS messages or calls, often for spam or fraud purposes.
Q2: Why are SIM farms used in smishing?
They allow criminals to send thousands of personalized messages while rotating numbers to evade carrier and bank filters.
Q3: What can users do to protect themselves?
Avoid clicking links in unsolicited texts, contact service providers directly, and use mobile security apps that block fraudulent SMS URLs.
5 thoughts on “Europol Raid Ends Multi-Nation SIM-Farm Used for SMS Phishing”