Warning: Account takeover scams via SIM swap and mobile fraud
Scammers are hijacking mobile phone numbers through SIM swaps and porting fraud to intercept one-time codes, then taking over banking, email and social media accounts.
Using personal details gathered from phishing, data breaches, or social media, a scammer contacts a mobile carrier posing as you and convinces them to transfer your phone number to a SIM card or device they control. Once the switch happens, your real phone loses service, and the scammer starts receiving your calls and texts, including one-time login codes.
With those codes, the scammer can reset passwords and take over email, banking, and social media accounts before you notice, often within minutes of the swap. A sudden, unexplained loss of phone signal is frequently the first warning sign.
A joint alert from Australia's communications regulator and the National Anti-Scam Centre's Scamwatch is warning consumers to add a PIN or extra verification to their mobile account, and to treat unexpected loss of phone signal as a possible sign of account takeover in progress.
What to do
- Add a PIN, password, or extra verification step to your mobile carrier account
- Treat a sudden, unexplained loss of phone signal as a red flag — contact your carrier immediately
- Use an authenticator app rather than SMS for two-factor authentication where possible
- Set up alerts and strong, unique passwords on your email and banking accounts
- If you suspect a SIM swap, contact your carrier and bank immediately to lock down accounts