Your sister texts you, frantic, requesting a quick cash injection to get her out of a sticky situation. Or maybe it's a cold-call insurance scam, a fake promotional call from your telecom provider, or a panic-inducing phishing message. These are the daily bread of modern life - frustrating, annoying, and occasionally effective enough to cost you real money. But where do they come from?

Racks of mobile phones, SIMs, and cellular modems make up today's SIM farms, which are often rented to cybercriminals to carry out automated attacks worldwide. Just because a text message appears to have been sent from a local number doesn't mean it actually was, and unfortunately, this access to local telecom infrastructure is what many scammers rely on today to dupe you into trusting their fake messages and calls.

A SIM farm is a network of hundreds, even thousands, of mobile SIM cards - backed by hardware such as modems and handsets - that operate simultaneously to perform a variety of tasks. Think cryptocurrency mining farms, but instead of wasting electricity on digital coins, they waste it on annoying you. SIM farms themselves are not necessarily malicious; businesses may use them for telecom-related testing, measuring, and scaling, and developers may use them for mobile app tests or legitimate bulk business messaging. However, they can - and often are - used with malicious intent. When fraudsters have a network of SIMs at their disposal, they can automate spam texting and calling, sending a barrage of messages to potential victims with little human oversight.

SIM farm-backed phishing, spam, and organized fraud on this scale causes misery and frustration for us, but the story doesn't end there. The U.S. Secret Service also believes that these operations could disrupt telco service and may be used by criminal groups and cartels to send encrypted messages to one another. A recent investigation by Infrawatch highlights just how SIM farms work, noting that such rentable infrastructure "enables large-scale fraud and abusive automation." The SIM farm network at the heart of this investigation included 94 physical locations containing SIM-related hardware across 17 countries, many in the US, with instances also found in Europe and South America. A shared control panel connected each farm to the network, linked to Belarus and Russian-speaking audiences, and promoted across Telegram and other online channels. SIM-related services were connected to at least 24 commercial proxy providers and 35 cellular providers, and few Know Your Customer (KYC) checks were found, suggesting the network could be accessed by "any buyer."

Unfortunately, this is far from the first time a SIM farm has been discovered, and each one that spins up represents more problems for our privacy and security. When SIM farms are operated or accessed by criminals, they are often used for bulk messaging, spam, and phishing. As each SIM acts like a separate device, it can also be used to create accounts for scalping, to run malicious proxies, or to build bot networks on social media and forums that spread misinformation and propaganda. Bots are a major issue, but because SIM farms also give users access to various geographic areas around the world, this benefits scammers who want local connections in their phishing attempts - such as US phone numbers to target US citizens. "SIM farms enable a range of illicit and abusive activity at [an] industrial scale and are supported by a broader downstream ecosystem of software, infrastructure, and commercial evasion services," the team says.

In September 2025, the US Secret Service dismantled a SIM farm - comprising over 300 SIM-based servers and packing over 100,000 SIM cards - that was operating near the UN. Law enforcement said this network could have been used for far more than phishing, with the potential of cellular blackouts, network traffic floods, and jammed 911 lines making it a significant security threat. Only a month later, Europol supported Operation SIMCARTEL, which led to the shutdown of a SIM farm linked to over 1,700 cyber fraud cases in Austria and Latvia.

In many countries, SIM farms are legal, and they were once a common way to conduct legitimate testing and communication tasks. The equipment itself isn't illegal, but SIM-farm applications and use are in a legal gray area and are likely challenging for regulators to handle properly. However, times are changing. Recognizing how SIM farms often underpin widespread scams, phishing campaigns, and bot-based scalping programs, governments are starting to take action. In the UK, for example, the government intends to ban the "possession and supply" of SIM farms. "The barrage of scam texts and phone calls we have seen from fraudsters causes emotional distress and financial misery to millions," said former UK Security Minister Tom Tugendhat. "The new offense will mean criminals are no longer able to obtain SIM farms and similar technologies to commit fraud. This will give police additional tools to disrupt the vile criminals that target the UK public." They won't have any control over SIM farms located in other countries, but it's a start.

Fraud, automated spam, and phishing aren't the only threats that our cellular connections and mobile devices expose us to. You should also know about SIM-swapping. One of ZDNET's own writers, Matthew Miller, was a victim of this attack, leading to the compromise of his online accounts and the theft of $25,000, which was withdrawn from his bank account to purchase cryptocurrency. SIM swapping occurs when a carrier hands over control of your SIM to a criminal. This happens when a fraudster impersonates you, typically through a phone call, and convinces a customer service representative to transfer control of your phone number to them. With enough information and your number in hand, they have a short window to hijack your accounts by using phone-based 2FA authentication. Victims will first notice a sudden loss of service, and any online account associated with their number will then be at risk. The key is rapid action, with a sprinkle of luck and a lot of determination. You need to contact your carrier and regain your number, and then follow Miller's guide on what to do next if you are a victim of this insidious attack method.