The law enforcement forces of several European countries have dismantled a large-scale cybercrime operation called SIMCARTEL, which facilitated phishing attacks and other criminal activities through mobile networks. The action, carried out by Europol and the authorities of Austria, Estonia, and Latvia, led to the identification of more than 3,200 cases of fraud, as well as financial losses of approximately 5.3 million dollars in Austria and 490,000 dollars in Latvia.
Millions in losses
The operation, which took place mainly on October 10 in Latvia, resulted in the arrest of seven individuals and the confiscation of 1,200 SIM box devices equipped with 40,000 active SIM cards. These cards were used to carry out a variety of cyber crimes, including credential and financial data theft, investment scams, and false emergencies in order to obtain illicit profits.
Europol described the infrastructure used by these criminals as highly sophisticated, allowing the perpetrators to create fake accounts on social media and communication platforms, which enabled them to hide their true identity and location while committing their crimes. Furthermore, more than 49 million accounts created through this criminal network have been tracked.
The operation also involved multiple raids that resulted in the seizure of hundreds of thousands of additional SIM cards, five servers, and two websites used by the criminal organization. Investigators also confiscated four luxury vehicles and froze over $833,000 in bank and cryptocurrency accounts of the suspects.
The warnings about the growth of these operations are evident, as experts from Unit 221B have identified at least 200 SIM boxes operating in different locations across the United States. This phenomenon poses significant risks to phone users, banks, network operators, and retailers, as SIM farms allow cybercriminals to carry out and sell illicit services through mobile network infrastructure.