Secret Service Exposes Hidden “SIM Farms” in NYC—What You Need to Know About This Cyber Threat and How it Affects YOU

/in /by

Many people believe they’re being individually targeted by scammers when they get a fake text message. While this can happen in some cases, most of these deceptive messages are actually sent out to millions of random, unknown numbers.

Fake and spam text messages often come from SIM farms—systems exploiting hundreds of SIM cards to send mass scam or phishing texts from random “wrong numbers”. These messages aim to trick recipients into clicking malicious links, sharing personal data, or transferring money for fraud and identity theft. The purpose is rapid financial gain or data harvesting, with criminals masking origins to avoid detection.

The U.S. Secret Service dismantled a vast hidden telecommunications network scattered across the New York tristate area in September 2025, right as world leaders were gathering for the U.N. General Assembly in Manhattan. This network included more than 300 SIM servers, which are made up of SIM boxes also known as SIM farms, and over 100,000 SIM cards, with the infrastructure spread across at least five sites in abandoned locations within a 35-mile radius of the United Nations headquarters.

Threat and Potential Damage

Investigators discovered that these devices could:

  • Disable cell towers across New York City, potentially blacking out cellular communication.
  • Overwhelm networks by sending up to 30 million text messages per minute. Network overload, when this is done maliciously as a cyberattack, is a Denial-of-Service (DoS) attack or, more commonly, a Distributed Denial-of-Service (DDoS) attack. These attacks flood a network or server with so much traffic that it cannot handle legitimate requests and becomes unavailable.
  • A SIM DoS can jam emergency communications, such as 911 calls, and disrupt police and EMS channels.
  • Mask encrypted communications between nation-state actors, criminal groups, and possibly terrorist entities.

Origin and Discovery

The network was exposed during a larger investigation into telephonic threats directed at senior U.S. government officials earlier in 2025. Forensic analysis of the seized equipment is ongoing, but early findings suggest coordinated communications between foreign governments and suspected criminals.

It was likely an IMSI catcher, or cell-site simulator, a device that mimics a legitimate cell phone tower was used in the discovery process. A SIM farm, acting like a swarm of mobile devices can’t be too difficult to detect if you’re looking for it. When a mobile device is in its vicinity, it tricks the phone (SIM farm) into connecting to the device instead of a real cell tower. Once connected, the IMSI catcher can “sniff out” and collect data from the device. This can include the device’s unique IMSI number, physical location, and in some cases, even the content of unencrypted communications like calls or text messages. The technology is often used by law enforcement, and “StingRay” is a well-known brand name for this type of device.

Security Response

Given the timing with the U.N. General Assembly, officials described this as a “well-funded, highly organized” operation with the potential for catastrophic disruption if activated. While there was no evidence of a direct plot targeting the General Assembly, the risk posed by the network made immediate action necessary.

Ongoing Investigation

Authorities from multiple agencies, including the Department of Homeland Security, the Department of Justice, the Office of the Director of National Intelligence, and NYPD, collaborated in the operation. Work continues to identify those behind the network and determine the full extent of its intended use.

This takedown marks one of the most significant preemptive interruptions of a telecommunications threat in American history, highlighting new forms of risk to the digital infrastructure that supports both daily life and emergency response in major urban centers.

A SIM farm is a system that uses a large number of SIM cards, often managed by devices known as SIM banks or SIM boxes, to send thousands or even millions of calls or text messages rapidly over mobile networks. These setups typically exploit telecom infrastructure by routing calls or messages through many SIM cards, reducing costs and making it hard to trace the origin of the traffic. SIM farms can be used for mass marketing, but they are most commonly associated with spam, scams, bypassing legal telecom channels, or fraud.

Are SIM Farms Illegal?

SIM farms are illegal in most jurisdictions, especially when used for large-scale fraud, scam calls, mass spam, or to evade telecommunications regulations. While some aspects of the technology (like SIM banks for legitimate bulk messaging) can have legal uses, operating systems that use hundreds or thousands of SIM cards to deliberately circumvent telecom rules typically violates the law and the terms of service of mobile operators. Enforcement actions and outright bans are being introduced in many countries to prevent their use.

Common Examples of SIM Farm Messages

Every day, consumers may receive various types of communications sent via SIM farms, typically designed to promote scams, phishing, or mass advertising. These unsolicited messages can appear highly convincing and are often sent in huge volumes using SIM farms.

  • “Congratulations! You’ve won a $500 Amazon gift card. Claim it here [Link].”
  • “ACTION REQUIRED. Please verify your Bank of America account information to avoid a hold on your account. Click here to confirm: [Link]”
  • “Get delivery updates on your USPS order [Number] here: [Link]”
  • “Your [account name] verification code is: 123456. If you did not request this, secure your account here: [phishing link]”
  • “IRS Notice: You have an outstanding tax issue. Immediate action is required to avoid penalties. Visit: [fake IRS website link]”
  • “Your electricity service will be disconnected due to non-payment. Pay now: [fake payment link]”
  • “URGENT: This is a final notice regarding an outstanding debt. Failure to pay will result in legal action. Contact us immediately at: [fake phone number] or visit: [suspicious link]”
  • “Insiders say [Cryptocurrency] is about to explode in value. Buy now while the price is still low: [scam cryptocurrency link]”

Typical Purposes of SIM Farm Messages

  • Promotion of fake prizes, lotteries, or refunds.
  • Bank and account phishing schemes seeking personal details.
  • Impersonating government agencies, utilities, or delivery services.
  • Spreading malware or phishing links.
  • Attempts to collect payment or sensitive personal data under false pretenses.

These messages are often sent at a massive scale and may appear to come from local or legitimate numbers, exploiting consumer trust and network vulnerabilities.

How to Protect Yourself From SIM Scams?

  • Do not click suspicious links.
  • Never reply to unknown numbers.
  • Block spam numbers on your device.
  • Use phone’s spam filter settings.
  • Enable multifactor authentication (MFA).
  • Keep devices and apps updated.
  • Verify messages via official channels.
  • Avoid sharing your number online unnecessarily.
  • Use antivirus or anti-malware for phones.

Don’t worry about it. Just delete it.

Robert Siciliano CSP, CSI, CITRMS is a security expert and private investigator with 30+ years experience, #1 Best Selling Amazon author of 5 books, and the architect of the CSI Protection certification; a Cyber Social Identity and Personal Protection security awareness training program. He is a frequent speaker and media commentator, and CEO of Safr.Me and Head Trainer at ProtectNowLLC.com.