Companies and websites get breached all the time, and sometimes the information that’s obtained includes your name and phone number. These databases end up floating around various sites/the dark web and make their way into the hands of telemarketers. Or your details are sold directly to them willingly by companies you do business with. Either way, your name and number and probably other info ends up on a telemarketing list. Sometimes they just randomly generate phone numbers, it’s a known format.

The telemarketers then have computer programs send bulk text messages automatically using SMS gateways or other internet-connected messaging infrastructure. Or the software dials the numbers automatically using a VOIP gateway, and anyone who answers gets connected to some call centre in whatever country has people desperate enough to get paid next to nothing convincing naive people to send money or access their computer or whatever.