Operation “SIMCARTEL”: Europe’s Crackdown on SIM-Based Cybercrime
European authorities have dismantled a large-scale cybercrime network that rented out SIM cards for fraudulent use. The coordinated raids, conducted across multiple countries in October 2025, led to several arrests and the seizure of critical infrastructure. The operation marks a major step forward in disrupting SIM-based scams and identity fraud.
October 22, 2025 18:00
Latest Developments
Under the codename SIMCARTEL, law enforcement in Latvia, Austria, Estonia and Finland raided multiple sites, arresting seven suspects and seizing around 1,200 SIM-box devices, 40,000 active SIM cards, and five servers. The group allegedly provided global phone numbers to cybercriminals in over 80 countries, enabling large-scale phishing, investment fraud, and impersonation scams.
Scope of the Network
Investigators linked the operation to over 3,000 fraud cases with losses exceeding €5 million. The seized systems contained data tied to more than 49 million fake online accounts, revealing how deeply the group’s infrastructure supported identity theft and online deception. Authorities also confiscated vehicles, cash, and cryptocurrency wallets connected to the illegal business.
Infrastructure and Modus Operandi
The network operated as a “SIM-as-a-Service” model, allowing criminals to rent temporary phone numbers to bypass verification and conceal their identities. Through automated SIM-box servers, the gang facilitated SMS-based phishing (smishing), two-factor code interception, and caller-ID spoofing—critical enablers of modern fraud.
Implications for Businesses and Consumers
This case underscores how telecom infrastructure can be exploited for digital fraud at scale. Companies should strengthen their authentication systems, adopt app- or token-based MFA, and monitor for unusual verification patterns. Consumers are advised to stay alert to unexpected calls or SMS messages and avoid sharing verification codes with unknown contacts.
What Comes Next
Although the SIMCARTEL network has been dismantled, similar infrastructures can re-emerge quickly. Telecom operators and cybersecurity agencies are now deploying enhanced SIM-box detection and traffic-anomaly monitoring to prevent a resurgence. Continuous cross-border cooperation will be vital to counter the next wave of SIM-enabled cybercrime in Europe.
