Europol on Friday announced the disruption of its advanced Cybercrime-as-a-Service (CaaS) platform that operated SIM farms and enabled customers to commit crimes ranging from phishing to investment fraud.
The coordinated law enforcement operation, dubbed Operation SIMCARTEL, conducted 26 raids resulting in the arrest of seven suspects and the seizure of 1,200 SIM box devices containing 40,000 active SIM cards. Five of those detained are Latvian nationals.
Additionally, on October 10, 2025, five servers were taken down and two websites advertising their services, gogetsms(.)com and apisim(.)com), were hijacked and a seized banner was displayed. Separately, four luxury cars were seized and the suspect’s bank accounts worth 431,000 euros ($502,000) and cryptocurrency accounts worth 266,000 euros ($310,000) were frozen.
The countries participating in the operation consisted of the authorities of Austria, Estonia, Finland and Latvia, in cooperation with Europol and Eurojust.
According to Europol, the criminal network is responsible for more than 1,700 separate cyber fraud cases in Austria and 1,500 in Latvia, resulting in total losses of approximately 4.5 million euros ($5.25 million) and 420,000 euros ($489,000) in both countries, respectively.
“Criminal networks and their infrastructure are technologically highly sophisticated, allowing perpetrators around the world to utilize this SIM box service to carry out a wide range of telecommunications-related cybercrimes and other crimes,” the agency said.
This infrastructure provided registered phone numbers to people in more than 80 countries for use in criminal activities such as setting up fake accounts on social media and communication platforms, with the main purpose of hiding their original identity and location. In total, the service enabled the creation of over 49 million online accounts.
These accounts were used to carry out phishing and smishing attacks, and to perpetrate financial fraud by tricking victims into investing funds in bogus trading schemes. In the other, they would contact them on WhatsApp posing as their daughters or sons, claiming they had a new number and asking them to send money in the four-digit range for emergencies.
Other crimes enabled through this platform include extortion, immigrant smuggling, and distribution of child sexual abuse material (CSAM).
According to a snapshot captured in the Internet Archive, GoGetSMS is marketed as a way to get “fast, secure, temporary phone numbers,” with over 10 million numbers available and the ability to receive verification codes from over 160 online services.
On its website, GoGetSMS also offers the ability to monetize existing SIM cards by turning them into a “powerful asset for generating passive income” using “proprietary software,” allowing cardholders to earn money for every SMS message sent.
Review website Trustpilot is complaining that paid users are having problems obtaining temporary numbers through GoGetSMS, with one user claiming he was unable to obtain a valid number after purchasing a US number on the platform. “I tried many times and it was a waste of time and money. Support is completely unresponsive. No help, no refunds, nothing,” the user added.
In a coordinated announcement, the Latvian State Police said the platform was designed for anonymous communication and payments and affected 3,200 people in different countries.
