>>/787060/
The criminal network and its infrastructure were technically highly sophisticated and enabled perpetrators around the world to use this SIM-box service to conduct a wide range of telecommunications-related cybercrimes, as well as other crimes. The online service created by the criminal network offered telephone numbers registered to people from over 80 countries for use in criminal activities. It allowed perpetrators to set up fake accounts for social media and communication platforms, which were subsequently used in cybercrimes while obscuring the perpetrators’ true identity and location.
Results of the action day:
• 26 searches carried out;
• 5 individuals arrested;
• approximately 1200 SIM-box devices seized which operated 40 000 SIM cards;
• hundreds of thousands of further SIM cards seized;
• 5 servers with infrastructure of the illegal service seized;
• 2 websites (gogetsms.com and apisim.com) offering the illegal service taken over by law enforcement and “splash pages” displayed;
• EUR 431 000 in suspects’ bank accounts frozen;
• USD 333 000 in suspects’ crypto accounts frozen;
• 4 luxury vehicles seized.
The true scale of this network is still being uncovered. Measured by volume, more than 49 million online accounts were created on basis of the illegal service provided by suspects. The damage caused by the renters of the telephone numbers to their victims amounts to several million euros.
Enabling a multitude of serious crimes
The criminal network offering this service enabled its clients to commit a multitude of serious crimes that would not have been possible at all without masking the perpetrators’ identities. ‘Phishing’ and ‘smishing’ are methods applied by criminals to gain access to victims’ e-mail and banking accounts. Phishing is a cybercrime where attackers pose as trusted sources through emails, calls, texts, or websites to steal sensitive data like passwords, bank details or credit card numbers, often leading to identity theft, financial loss or malware infections. Smishing is a subtype of phishing carried out via text messages, typically disguised as urgent notices from legitimate sources to trick victims into clicking malicious links or sharing personal information.
Other offences facilitated by this criminal service include fraud, extortion, migrant smuggling and the distribution of child sexual abuse material. Some examples-by no means an exhaustive list-of the criminal activities enabled by the network’s offerings are:
• Fraud on online second-hand marketplaces
Some perpetrators specialised in fraud on second-hand marketplaces. They used the SIM card service to create a vast number of fake accounts, which then served as starting points for fraud enabled by phishing and smishing.
• Daughter–son scam
This type of perpetrators contacts victims via WhatsApp, posing as a daughter or son and claiming to have a new phone number. Citing alleged spontaneous accidents or emergencies and evoking panic with the victim, they demand urgent payments usually in the four-figure range.
• Investment fraud
Victims are usually contacted by telephone and encouraged to deposit larger sums and “invest.” The perpetrators often use remote-access software to gain access to the victim’s device.
• Fake shops and fake bank websites
Rented telephone numbers of the perpetrators were also used in the legal notice and alleged responsible-party details of fake shops and in calls connected to fake bank pages.
• Fake police officers
In this further large-scale phenomenon, the perpetrators used the telephone numbers to convince their mostly Russian-speaking victims of their legitimacy. This crime had an additional  concerning element, as perpetrators posed as police officers with forged IDs and personally collected funds from the victims.