SIM Swap Fraud

In a SIM swap attack, the fraudster contacts your mobile carrier — by phone, online chat, or in person at a store — and impersonates you using personal details gathered from data breaches, social media, or prior social engineering. They claim to have lost their phone or damaged their SIM and request that your number be reassigned to a new SIM they possess. When the carrier complies, your legitimate SIM loses service and all calls and SMS messages — including two-factor authentication codes — are delivered to the attacker.

With control of your number, attackers typically target financial accounts and cryptocurrency wallets, requesting password resets and intercepting the SMS codes required to complete them. High-profile SIM swap cases have resulted in losses of millions of dollars in cryptocurrency. The attack window can be very short; professional fraudsters often drain accounts within minutes of completing the swap.

Carriers have responded by requiring staff to follow stricter verification procedures and by allowing customers to set port-freeze or SIM-lock restrictions. Consumers should set a strong, unique SIM PIN or passcode with their carrier, not limited to the last four digits of a Social Security number. More importantly, replace SMS-based two-factor authentication with an authenticator app or hardware key on all high-value accounts.