Focused guide

SIM Swap Scams in Sweden

Criminals port Swedish mobile numbers to their own SIMs to intercept BankID authentication and drain Swedish bank accounts.

Part of: SIM Swap Scams

Last reviewed: 1 June 2026

Sweden's heavy reliance on BankID — used for banking, government services, and legal agreements — makes SIM-swap fraud particularly damaging. Attackers who successfully port a Swedish mobile number can use the recovered SMS messages or push notifications to intercept BankID authentication requests, enabling account takeover.

Swedish carriers (Tele2, Telia, Tre, Comviq) have tightened identity checks for SIM swaps following police pressure, but social engineering of retail staff or online portals remains a known attack path.

How this scam works on Sweden

Attackers collect victim personal data through phishing or data-breach leaks, then impersonate the victim at a carrier store or call centre to request a replacement SIM. Once the swap completes, the victim loses signal and the attacker intercepts BankID push notifications.

The attacker rapidly initiates bank account login, approves BankID requests, and transfers funds before the victim notices the lost signal. Swish transfers can be completed within minutes.

Crypto exchange accounts linked to Swedish mobile numbers are also targeted for fast irreversible withdrawals.

Common red flags

Your phone unexpectedly loses all mobile signal
Carrier SMS alerts you to a SIM change you did not request
Unexpected BankID authentication requests arrive in your app without any action on your part
Bank alerts you to an attempted or completed login from an unusual device
Carrier confirms a recent SIM swap you do not recognise

How to protect yourself

Add a PIN-lock to your SIM via your carrier's app or store to prevent unauthorised swaps
Use BankID's own fraud alerting by registering for notifications
Never share your BankID code or approve an unsolicited BankID push notification
Set up secondary authentication factors on your e-banking account beyond BankID where possible
Contact your carrier and bank immediately if you unexpectedly lose signal
Report to Polisen and CERT-SE if a SIM swap is confirmed

How to report it

Call your carrier's fraud line immediately and request a port-freeze
Contact your bank's 24-hour fraud line
File a report at polisen.se and notify CERT-SE at cert.se

Frequently asked questions

How fast can a SIM-swap attacker access my Swedish bank account?

Attackers typically move within 30–60 minutes of completing the swap. If you lose signal unexpectedly, call your bank immediately before waiting to confirm the cause.

How this scam works on Sweden

The attacker rapidly initiates bank account login, approves BankID requests, and transfers funds before the victim notices the lost signal. Swish transfers can be completed within minutes.

Crypto exchange accounts linked to Swedish mobile numbers are also targeted for fast irreversible withdrawals.

Common red flags

Your phone unexpectedly loses all mobile signal

Carrier SMS alerts you to a SIM change you did not request

Unexpected BankID authentication requests arrive in your app without any action on your part

Bank alerts you to an attempted or completed login from an unusual device

Carrier confirms a recent SIM swap you do not recognise

How to protect yourself

Add a PIN-lock to your SIM via your carrier's app or store to prevent unauthorised swaps

Use BankID's own fraud alerting by registering for notifications

Never share your BankID code or approve an unsolicited BankID push notification

Set up secondary authentication factors on your e-banking account beyond BankID where possible

Contact your carrier and bank immediately if you unexpectedly lose signal

Report to Polisen and CERT-SE if a SIM swap is confirmed