A global crackdown on SIM box fraud, led by Interpol under Operation Red Card, has resulted in over 40 arrests in South Africa and more than 1000 criminally-linked SIM cards seized.
Operation Red Card was part of Interpol’s African Joint Operation against Cybercrime (AFJOC) and brought together law enforcers from Benin, Côte d’Ivoire, Nigeria, Rwanda, South Africa, Togo and Zambia from November 2024 to February 2025.
According to Interpol, the cases uncovered during the operation involved more than 5 000 victims with over 300 suspects arrested in total.
Ahead of the operation, countries exchanged criminal intelligence on key targets.
Across the seven participating countries, operation Red Card resulted in the arrest of 306 individuals suspected of links to cybercrimes such as mobile banking, investment and messaging app scams, and seizure of 1 842 devices.
In South Africa 53 desktops and towers linked to a sophisticated SIM box fraud scheme were also seized.
Interpol explained this setup, which reroutes international calls as local ones, is commonly used by criminals to carry out large-scale SMS phishing attacks.
Interpol’s director of the Cybercrime Directorate, Neal Jetton, said: “The success of Operation Red Card demonstrates the power of international cooperation in combating cybercrime, which knows no borders and can have devastating effects on individuals and communities. The recovery of significant assets and devices, as well as the arrest of key suspects, sends a strong message to cybercriminals that their activities will not go unpunished.”
The international agency added that intelligence was “enriched by Interpol with insights into criminal modus operandi using data from its private sector partners—Group-IB, Kaspersky and Trend Micro”.
Global Public Affairs vice president Yuliya Shlychkova at cybersecurity company Kaspersky said the evolving threat landscape in Africa requires a “multi-stakeholder dialogue and joint efforts of public and private organisations to address the cybersecurity challenges the region faces today”.
Local network provider, MTN SA said it was also working closely with a joint task force, including Communication Risk Information Centre (COMRiC NPC), SAPS, the National Prosecuting Authority, and the South African Banking Risk Information Centre (SABRIC), to combat this fraud.
“SIM farming is a widespread issue impacting all network operators across South Africa, and we are actively monitoring the fraud and taking steps to address it. While incidents of SIM fraud-related have been reported, it is important to note that MTN has not been as heavily targeted as some other network operators. In the cases we have sampled, the syndicates have been loading applications such as WhatsApp onto the SIMs after activation on the network. To date, we have not suffered any financial loss as a result of these activities,” MTN SA said.
Royal Investigations investigator John Alexander said the widespread circulation of unregistered SIM cards posed a significant challenge for investigators.
“This type of setup is primarily used in Lotto and ancestry scams, with elderly individuals being the main targets. We are also seeing this modus operandi increasingly applied in ‘courier parcel’ scams, where victims receive an SMS claiming that a parcel has been sent. Soon after, they are asked to pay a fee – only to discover that the parcel never existed,” said Alexander.
Crime expert and University of Johannesburg research associate, Calvin Rafadi, said: “Recent police operations exposed large-scale operations with SIM manufacturing equipment in Gauteng and the Free State, which allowed criminals to bypass RICA registration procedures altogether. Cybercriminals, including those based within prisons, use these untraceable SIM cards to carry out scams. However, the financial industry is especially vulnerable to SIM-based fraud due to the rise in mobile banking fraud, which has grown as telecommunications and financial services become more connected.”
Cape Times
