Port-Out Fraud
Fraudulently transferring a victim's mobile phone number to a different network without their consent, redirecting calls and texts to the attacker.
Also known as: number porting fraud, unauthorized port-out, number transfer fraud
Last reviewed: 1 June 2026
Port-out fraud exploits the legitimate phone number porting process — which lets customers keep their number when switching carriers — by having fraudsters impersonate the account holder to a new carrier and requesting a transfer. Unlike a SIM swap (which stays on the same network), a port-out moves the number to an entirely different operator, often making it harder for the original carrier to detect and reverse quickly.
The attack requires knowledge of the victim's personal details: full name, address, account number, and sometimes a PIN or last four digits of a Social Security or National Insurance number. Fraudsters obtain this information through phishing, data breaches, or social engineering the original carrier's customer service.
Once ported, the number is immediately active on the attacker's SIM, enabling SMS OTP interception across all linked accounts. Victims typically only realise something is wrong when they lose mobile service. Carriers have introduced porting authorisation codes and port-freeze options in response, but implementation varies by provider and country.
Examples
- A fraudster contacts a carrier posing as the account holder, provides details gathered from a data breach, and ports the victim's number to a new SIM on a different network.