Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide

Europol on Friday announced the disruption of a sophisticated cybercrime-as-a-service (CaaS) platform that operated a SIM farm and enabled its customers to carry out a broad spectrum of crimes ranging from phishing to investment fraud.

The coordinated law enforcement effort, dubbed Operation SIMCARTEL, saw 26 searches carried out, resulting in the arrest of seven suspects and the seizure of 1,200 SIM box devices, which contained 40,000 active SIM cards. Five of those detained are Latvian nationals.

In addition, five servers were dismantled and two websites gogetsms[.]com and apisim[.]com) advertising the service was taken over on October 10, 2025, to display a seizure banner. Separately, four luxury vehicles were confiscated, and €431,000 ($502,000) in suspects’ bank accounts and €266,000 ($310,000) in their cryptocurrency accounts were frozen.

✔ Approved Seller From Our Partners

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount

The countries that participated in the operation comprised authorities from Austria, Estonia, Finland, and Latvia, in collaboration with Europol and Eurojust.

According to Europol, the criminal network has been attributed to more than 1,700 individual cyber fraud cases in Austria and 1,500 in Latvia, leading to losses totaling around €4.5 million ($5.25 million) and €420,000 ($489,000) in the two countries, respectively.

“The criminal network and its infrastructure were technically highly sophisticated and enabled perpetrators around the world to use this SIM-box service to conduct a wide range of telecommunications-related cybercrimes, as well as other crimes,” the agency said.

The infrastructure offered telephone numbers registered to people from over 80 countries for use in criminal activities, including setting up fake accounts on social media and communication platforms with the primary goal of obscuring their original identity and location. In all, the service enabled the creation of more than 49 million online accounts.

These accounts were then used to conduct phishing and smishing attacks and carry out financial fraud by tricking victims into investing their funds in bogus trading schemes. Another involved contacting them on WhatsApp by posing as their daughter or son, claiming they now have a new number and asking them to transfer money in the four-figure range for an emergency.

Some of the other offenses that were made possible via the platform included extortion, migrant smuggling, and the distribution of child sexual abuse material (CSAM).

According to snapshots captured on the Internet Archive, GoGetSMS was marketed as a way to get “fast and secure temporary phone numbers,” with more than 10 million numbers available and receive verification codes from over 160 online services.

On its website, GoGetSMS also offered the ability to monetize existing SIM cards by turning them into “powerful assets for generating passive income” using its “specialized software,” allowing card owners to earn revenue for every SMS message sent to them.

On review website Trustpilot, paid users have complained of facing issues getting hold of a temporary number through GoGetSMS, with one user claiming that they paid for a U.S. number on the platform and did not get a working number in return. “Tried multiple times, wasted both time and money. Support is completely unresponsive – no help, no refund, nothing,” the user added.

The Latvian State Police, in a coordinated announcement, said the platform was designed for anonymous communication and payments, impacting 3,200 people in various countries.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.