Consumer ProtectionJuly 2024In force

TRC Directs Operators to Detect and Address Silent SIM Fraud

A directive addressed silent SIM fraud, requiring operators to detect and neutralise SIMs used for automated fraud, spam and misuse of numbering resources.

Development

In 2024 the Cambodian authorities addressed the specific problem of "silent" SIMs, that is, SIM cards that are activated on the network but that show little or no legitimate user activity over extended periods and that are frequently associated with fraud, scam calls, unauthorised marketing and other harmful behaviour. The measures require operators to implement detection tools, to investigate suspicious accounts and to take appropriate action to disrupt harmful use of silent SIMs.

The measures complement earlier work on SIM registration, IMEI-based control and consumer protection, forming part of a broader effort to reduce the incidence of harmful activity that relies on mobile channels.

Definition and characteristics of silent SIMs

The measures describe silent SIMs at a functional level rather than by rigid quantitative thresholds. Common characteristics include the absence of ordinary voice traffic, the concentration of activity in short, intensive bursts of outbound calls or messages, unusual patterns of device changes, geographic patterns inconsistent with individual use and, in some cases, the association of the SIM with equipment such as SIM boxes or automated messaging systems.

The measures recognise that some legitimate use cases can generate patterns resembling those of silent SIMs, including certain machine-to-machine applications and infrequently used backup subscriptions. Detection tools should therefore combine multiple signals rather than relying on any single indicator, and remediation should include appropriate procedures for legitimate users whose SIMs are flagged.

Detection tools and analytics

Operators are expected to develop analytical tools capable of identifying patterns associated with silent SIMs. These tools typically draw on data from the network, from the subscriber base and from complaint or fraud investigation channels. Machine-learning approaches can support pattern detection, but they should be complemented by rule-based checks that make results explainable and auditable.

Detection tools should be integrated into operational processes so that flagged accounts can be reviewed promptly, so that appropriate action can be taken and so that lessons can inform ongoing refinement of the tools. Aggregate information about the incidence and characteristics of silent SIMs can support cooperation with the regulator and with law enforcement.

Investigation and action

When a SIM is flagged, operators are expected to conduct an appropriate investigation, taking into account the strength of the indicators, the potential for harm and the possibility of legitimate use. Actions available range from monitoring the account more closely to imposing restrictions on outbound traffic, contacting the registered user, requiring re-verification of identity or, in serious cases, suspending or terminating service.

Actions should be proportionate and should include safeguards for legitimate users, including the ability to challenge decisions, to provide additional information and to have services restored where the concerns can be resolved. Records should be maintained so that decisions can be reviewed and so that patterns can inform improvements.

Cooperation with authorities and other operators

Silent SIM problems frequently cross the boundaries of individual operators and, in some cases, national borders. Operators are expected to cooperate with each other on aggregate patterns, particularly where activity moves between networks, and to cooperate with law enforcement and consumer protection authorities where individual cases suggest criminal behaviour or serious consumer harm.

Cooperation should be conducted in a manner consistent with data protection and other legal obligations. Formal frameworks for information sharing, supported by legal advice, can support cooperation while managing legal risks.

Interaction with consumer protection and privacy

Silent SIM measures interact with wider consumer protection and privacy considerations. Consumers whose SIMs are flagged in error may face inconvenience and disruption, particularly if they rely on the SIM for important communications. Communication should be clear, procedures for review should be accessible and reactivation should be prompt where the concerns can be resolved.

Personal data collected in the context of silent SIM investigations should be handled in accordance with data protection principles. Access should be limited to authorised personnel, retention should be appropriate to the purpose and any sharing should be based on a clear legal basis.

Enterprise and machine-to-machine considerations

Enterprise customers, particularly those with machine-to-machine deployments, may find that certain SIMs in their fleets resemble silent SIMs from an analytical perspective. Operators offering enterprise services are expected to distinguish between silent SIMs associated with harmful behaviour and legitimate low-activity subscriptions, drawing on customer information and on documented use cases.

Enterprise customers should provide operators with sufficient information about their deployments to support this distinction, and should design their fleets so that individual devices can be identified and legitimate use patterns understood.

Practical implications and next steps

For operators, the measures call for investment in detection capabilities, investigation processes and customer-facing procedures. Governance arrangements should ensure that the different functions involved, including fraud, security, legal, customer service and technical teams, cooperate effectively, and that decisions affecting customers are made with appropriate oversight.

For enterprise customers, the measures reinforce the importance of communicating with operators about the nature of their deployments, of maintaining accurate registration information and of designing operational processes that can respond promptly if legitimate SIMs are flagged.

For consumers, the measures should reduce exposure to fraud and scam activity while providing appropriate protection for legitimate use. Awareness of the operator's channels for reporting suspicious activity and for challenging decisions is helpful.

Lex Civora advises operators, enterprise customers and other stakeholders on the interpretation and application of the silent SIM measures, on the design of detection and investigation processes and on the interaction between these measures and broader fraud, consumer protection and data protection frameworks.

Last verified: 14 July 2026

This article is provided for general information only and does not constitute legal advice. Regulatory positions may change; readers should verify obligations against the current official publication or seek professional advice before acting.

Related insights