SIM Swap Scams in the United States
How SIM swap fraud operates in the US, targeting crypto holders and high-value account owners by socially engineering mobile carriers to transfer phone numbers.
Part of: SIM Swap Scams
Last reviewed: 1 June 2026
SIM swap fraud in the United States exploits the phone number as an identity anchor — the 'something you have' factor in SMS-based two-factor authentication. By convincing a carrier to reassign a victim's number to a scammer-controlled SIM, attackers gain access to every account protected by SMS verification.
The FCC has adopted rules requiring carriers to implement better SIM change authentication, but SIM swap attacks continue, especially targeting cryptocurrency holders and social media accounts with large audiences.
How this scam works on United States
Attackers purchase personal data — name, address, last four digits of Social Security Number, account PINs — from data breaches or phishing campaigns. Armed with this information, they call the victim's mobile carrier pretending to be the account holder, claim their phone was lost or damaged, and request a SIM transfer to a new device.
Carrier staff insufficiently trained in fraud detection approve the transfer. The victim's phone loses service within seconds. The attacker immediately uses the ported number to reset passwords via SMS on email, bank, crypto exchange, and social media accounts.
High-profile US cases have involved millions of dollars in cryptocurrency drained from exchanges in minutes. Some attackers have insider contacts at carrier stores who process swaps directly for payment.
Common red flags
- Your phone suddenly loses service — no signal, no data, 'SIM not provisioned' error
- Receiving unexpected password reset SMS messages before losing service
- Email notification from your bank or crypto exchange about a login from a new device
- Carrier sending a notification that your SIM was recently changed (if you did not request this)
- Unable to receive calls or SMS after a period of unusual account activity
How to protect yourself
- Add a unique carrier PIN or passphrase for all SIM change requests at your mobile carrier
- Switch from SMS-based 2FA to an authenticator app for all high-value accounts
- Use a hardware security key for cryptocurrency exchange accounts where supported
- Store crypto in cold wallets not linked to exchange accounts protected by SMS 2FA
- Register a secondary email not linked to your phone number for account recovery
How to report it
- Contact your mobile carrier's fraud line immediately — T-Mobile, AT&T, or Verizon all have dedicated fraud teams
- Report to the FTC at reportfraud.ftc.gov and the FBI IC3 at ic3.gov
- File a police report for documentation purposes if crypto or funds were taken
Frequently asked questions
How do I protect my phone number from SIM swap in the US?
Call your carrier and request a SIM lock or port-out freeze — this requires in-store identity verification for any SIM or number porting request. AT&T, T-Mobile, and Verizon all offer account security features. Set a unique account PIN or passphrase distinct from your usual passwords, and switch all important accounts from SMS 2FA to an authenticator app.