33.3k unique visitors in the last 3 days

Scam Hunters Observe Rising Use of T-Mobile US Prepaid SIMs by Criminals

A group called Demurrage researched 20 separate scams involving over 500 T‑Mobile phone numbers.

Scammers increasingly tell potential victims in the USA to call phone numbers associated with T‑Mobile US prepaid SIMs, according to research by Demurrage, a well-known group of volunteer scam hunters. Demurrage’s findings are comprehensively documented in a written report that was shared with Commsrisk last week and which described ongoing investigative work that commenced in September 2024. Their report lists 20 separate scams involving over 500 phone numbers associated with T‑Mobile US prepaid SIMs.

Demurrage’s conclusions are consistent with recent trends in the quarterly traceback reports of the US Industry Traceback Group, which also suggests significantly increased use of SIMs by scammers. More scam calls were traced to T‑Mobile US than any other telco in the most recent traceback report, which covered the final quarter of 2024. Industry insiders also talk of a rapidly worsening crisis surrounding the use of US mobile networks by scammers, although there has been no acknowledgement of the problem by regulators.

Per the introduction of Demurrage’s report:

A team member correctly suspected that U.S. based mules were buying prepaid T‑Mobile SIMs and routing calls through PBX systems. Since then, we’ve seen a surge in scams using these SIMs.

Members of Demurrage recorded progress with their investigation through a dedicated thread on Scammer.info, a web forum for scam hunters. They soon became frustrated with T‑Mobile’s inaction when they shared intelligence about the numbers that scammers use.

We expected reporting scam numbers to T‑Mobile to be simple, but were surprised by their silence and the lack of a direct reporting system before the end of 2024.

Reporting these prepaid SIMs [to T‑Mobile] has been challenging. Until late 2024, the only option was T‑Mobile’s app, which prepaid users can’t access and even then, it only blocks the number. It does not disable it.

Scammers can still use the number/SIM to target individuals outside the T‑Mobile network.

The scammers’ transition to using SIMs and mobile calls was a predictable consequence of them being rejected by communications channels aimed at bulk users.

Our data shows scammers turned to prepaid SIMs after losing access to toll-free numbers, especially from Sinch, which began shutting down scam numbers in late 2024.

Demurrage observed that stricter know-your-customer (KYC) policies and blocks on the use of virtual private networks (VPNs) had been effective in denying scammers access to the comms platforms they had previously favored. Scammers reacted by obtaining SIMs instead.

…prepaid SIMs remain vulnerable due to the lack of ID checks (KYC) and purchase limits, making them easy for scammers to exploit.

An evident lack of training and forethought meant T‑Mobile employees failed to understand the seriousness of the challenge they faced. Instead of being conscious of the impact of improved controls elsewhere in the communications ecosystem, they wrongly assumed that scammers must have spoofed the numbers in the range assigned to T‑Mobile, even though these numbers were being used to receive inbound calls from victims, not to place outbound calls to victims.

T‑Mobile also tried to push Demurrage towards the Federal Communications Commission (FCC) and the Federal Trade Commission (FTC), the two regulators with an interest in protecting the public from networked scams, despite the scam activity occurring on T‑Mobile’s own network.

Despite providing screenshots of scam pop-ups and recordings of scammers answering as “support,” we were met with the usual excuses that the numbers were spoofed or that we should report to the FCC/FTC.

After pushing further, a rep claimed the numbers were “forwarded for investigation,” yet they remained active for days.

Demurrage captured a live chat with a T‑Mobile employee who did not understand how criminals exploit mobile networks.

Demurrage continues to report the abuse of T‑Mobile numbers but has only received a few bland auto-replies to their messages. Sadly, it is not unusual for telcos to be so discourteous to members of the public that diligently report frauds.

The report from Demurrage ends with a stinging but accurate summation of serious flaws in the US strategy for consumer protection.

If prepaid SIM providers won’t implement KYC policies, they must at least give consumers a reliable way to report scam numbers. Simply advising people to block calls is ineffective and outdated. Without real action, scammers will keep exploiting these networks.

Telecoms and the FTC must choose: protect a few with weak solutions, or protect millions with real reporting tools. It’s that simple.

I am grateful to Demurrage for sharing their report with me. Like T‑Mobile US, I need to be careful when reviewing unsubstantiated claims made by people I do not know, but unlike T‑Mobile US, I can tell the difference between individuals who do good research into crime and corporate robots who respond to genuine problems with hollow platitudes. There needs to be punishment when US network operators fail to respond promptly to credible reports of scam activity on their networks, but as I observed in October 2024, it is difficult to believe there will ever be any punishment when the US self-regulation strategy exhibits obvious conflicts of interest.

Put simply, the biggest US telcos pay for self-regulating reports about whose networks have enabled the most consumer fraud. Their goal is to deflect attention away from telcos like T‑Mobile US, and they guarantee this by paying handsomely for representation by lawyers that previously worked for regulators. Those lawyers then rack up expenses on foreign travel so they can give speeches about the steps that other nations could take to protect American consumers, instead of pinpointing preventative measures that would be completely within American control. When challenged by American legislators they will insist that anti-fraud controls which have been successfully implemented by other countries are ‘not possible’ within the USA.

Instead of regulating themselves, the big US networks have captured their regulators. But who else should be held responsible for the supply of a SIM, the KYC checks executed for the customer that obtained the SIM, the analytics that would identify anomalous use of a SIM, and the deprovisioning of SIMs used for criminal activity? The responsibility lies with the mobile operator. In their report, Demurrage paints a compelling picture of an operator that lacks the conviction or the competence to act upon that responsibility.

The entirety of Demurrage’s report on scammers using T‑Mobile US prepaid SIMs can be seen below, or click here to download it.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email