The short answer is encryption, just like your web browser and HTTPS certs.

Your phone uses encryption keys from your SIM card to encrypt and decrypt the data being transmitted through the tower.

It’s not that the data signal can’t be intercepted and recorded. It’s that it can’t be understood.

Starting from 4G, UEA and UIA features of a cell network all became mandatory, in 2G and 3G they are partially or completely optional.

UIA doesn’t encrypt user data, it only encrypts the commands and integrity protection frames, so the data is plaintext but only the authenticated parties can generate and verify them, so the communication cannot be forged.

UEA encrypts the actual user data frames so nothing apart from the cell towers and user equipment that has the user’s USIM cards can encrypt and decrypt them, making the content of the communication private.

[removed]

[removed]

Simple- they do get intercepted and read, all the time. There are just so many text messages being sent that finding the particularly useful ones is like trying to catch a specific raindrop in the middle of a thinderstorm.