Follow ZDNET: Add us as a preferred source on Google.
ZDNET’s key takeaways
- “SIM farm as-a-service” setups are used for financial fraud, spam, phishing, and online product scalping.
- These hidden phone factories operate in the shadows to support large-scale scamming and phishing.
- SIM-related scams you should know about, and how to stay safe.
Your sister texts you, frantic, requesting a quick cash injection to get her out of a sticky situation.
The problem is, you don’t have a sister.
Cold-call insurance scams, fake promotional calls from your telecommunications provider, and even panic-inducing phishing calls and texts are part of our daily lives. They’re frustrating, annoying, and sometimes, we fall for them. But where do these calls come from?
Also: ‘Job seekers have to be detectives’: 3 signs that listing is a scam
Racks of mobile phones, SIMs, and cellular modems make up today’s SIM farms, which are often rented to cybercriminals to carry out automated attacks worldwide. Just because a text message appears to have been sent from a local number doesn’t mean it actually was, and unfortunately, it is this access to local telecom infrastructure that many scammers rely on today when trying to dupe you into trusting the fake messages and calls they send.
What is a SIM farm?
A SIM farm is a network of hundreds, even thousands, of mobile SIM cards — backed by hardware such as modems and handsets — that operate simultaneously to perform a variety of tasks.
This might bring to mind cryptocurrency mining farms, where high volumes of computing hardware and huge amounts of electricity are used — sometimes illegally — to mine cryptocurrency. SIM farms, too, require dedicated hardware and are set to perform tasks, but instead of focusing on crypto or other digital assets, they’re often used as communication systems.
SIM farms themselves are not necessarily malicious. For example, businesses may use them for telecom-related testing, measuring, and scaling; developers may use them to conduct mobile app tests, and they could also be used for legitimate bulk business messaging.
Also: Dealing with silent robocalls? This is why scam callers keep quiet
However, they can — and often are — used with malicious intent. When fraudsters have a network of SIMs at their disposal, they can perform and automate spam texting and calling, sending a barrage of messages to potential victims with little human oversight.
SIM farm-backed phishing, spam, and organized fraud on this scale causes misery and frustration for us, but the story doesn’t end there. The U.S. Secret Service also believes that these operations could disrupt telco service and may be used by criminal groups and cartels to send encrypted messages to one another.
SIM farms exposed: 94 locations, 17 countries
A recent investigation by Infrawatch highlights just how SIM farms work, noting that such rentable infrastructure “enables large-scale fraud and abusive automation.”
The SIM farm network at the heart of this investigation included 94 physical locations containing SIM-related hardware across 17 countries. Many of the SIM farms were located in the US, with instances also found in Europe and South America.
Also: Lock down your AT&T account to prevent SIM swapping attacks – here’s how
A shared control panel connected each farm to the network, which has been linked to Belarus and to Russian-speaking audiences and promoted across Telegram and other online channels. SIM-related services were connected to at least 24 commercial proxy providers and 35 cellular providers. Few Know Your Customer (KYC) checks were found, which suggests the network could be accessed by “any buyer,” according to the team.
Unfortunately, this is far from the first time a SIM farm has been discovered, and each one that spins up represents more problems for our privacy and security.
Why are SIM farms a problem?
When SIM farms are operated or accessed by criminals, they are often used for bulk messaging, spam, and phishing. As each SIM acts like a separate device, it can also be used to create accounts for scalping, to run malicious proxies, or to build bot networks on social media and forums that spread misinformation and propaganda.
Bots are a major issue, but because SIM farms also give users access to a variety of geographic areas around the world, this benefits scammers who want local connections in their phishing attempts — such as US phone numbers to target US citizens.
Also: I’m a tech professional, and an AI job scam almost fooled me – here’s how I caught on
“SIM farms enable a range of illicit and abusive activity at [an] industrial scale and are supported by a broader downstream ecosystem of software, infrastructure, and commercial evasion services,” the team says.
In September 2025, the US Secret Service dismantled a SIM farm — comprising over 300 SIM-based servers and packing over 100,000 SIM cards — that was operating near the UN. Law enforcement said this network could have been used for far more than phishing, with the potential of cellular blackouts, network traffic floods, and jammed 911 lines making it a significant security threat.
Only a month later, Europol supported Operation SIMCARTEL, which led to the shutdown of a SIM farm linked to over 1,700 cyber fraud cases in Austria and Latvia.
The legal problem
In many countries, SIM farms are legal, and they were once a common way to conduct legitimate testing and communication tasks. The equipment itself isn’t illegal, but SIM-farm applications and use are in a legal gray area and are likely challenging for regulators to handle properly.
However, times are changing. Recognizing how SIM farms often underpin widespread scams, phishing campaigns, and bot-based scalping programs, governments are starting to take action.
Also: How to check if a text message is spam on Android – and the free tool I rely on
In the UK, for example, the government intends to ban the “possession and supply” of SIM farms.
“The barrage of scam texts and phone calls we have seen from fraudsters causes emotional distress and financial misery to millions,” said former UK Security Minister Tom Tugendhat. “The new offense will mean criminals are no longer able to obtain SIM farms and similar technologies to commit fraud. This will give police additional tools to disrupt the vile criminals that target the UK public.”
They won’t have any control over SIM farms located in other countries, but it’s a start.
4 ways to stay protected
- Trust nothing: SIM farms provide the infrastructure to send high volumes of spam and phishing messages globally. Just because a phone number sending you a message appears local doesn’t mean it’s not a scam.
- Be aware of new scams: Scam artists change their tactics all the time. Gone are the days of scams claiming you’ve won the lottery. Phishing and fraudulent messages often appear to come from trusted sources, such as family, friends, colleagues, or institutions, including banks and retailers.
- Notice patterns: Generic greetings, grammatical errors, and shortened URL links are all often indicators of a fraudulent message. You should never click links in text messages; if you aren’t sure whether the communication is genuine, use another method to verify its contents — such as making a call.
- Urgent is rarely urgent: If you receive a message with “urgent” content, such as a demand for payment, a missed delivery, or even an SMS supposedly from a family member who needs money for medical treatment, remember that fraudsters focus on creating panic, in the hope that their victims will make a rash decision and hand over either their data or their cash.
Also: I tested NordVPN’s free scam checker with real phishing emails – here’s how it fared
Another SIM-based threat to be aware of
Fraud, automated spam, and phishing aren’t the only threats that our cellular connections and mobile devices — however useful they are — expose us to. You should also know about SIM-swapping. One of ZDNET’s own writers, Matthew Miller, was a victim of this attack, leading to the compromise of his online accounts and the theft of $25,000, which was withdrawn from his bank account to purchase cryptocurrency.
Also: I’ve been subscribed to a data removal service a month now – what I wish I knew sooner
SIM swapping occurs when a carrier hands over control of your SIM to a criminal. This happens when a fraudster impersonates you, typically through a phone call, and convinces a customer service representative to transfer control of your phone number to them. With enough information and your number in hand, they have a short window to hijack your accounts by using phone-based 2FA authentication.
Victims will first notice a sudden loss of service, and any online account associated with their number will then be at risk.
The key is rapid action, with a sprinkle of luck and a lot of determination. You need to contact your carrier and regain your number, and then follow Miller’s guide on what to do next if you are a victim of this insidious attack method.