SIM Swap Scams on Facebook
Facebook profiles are mined by SIM swap attackers for personal details that answer carrier security questions, while Facebook Messenger is also used to impersonate contacts and gather phone numbers for targeted attacks.
Part of: SIM Swap Scams
Last reviewed: 1 June 2026
Facebook's combination of real identity data and long personal post histories makes it one of the richest sources of information for social engineering attacks including SIM swaps. A profile showing a person's full name, birthday, hometown, school, employer, and family relationships provides most of the data a carrier's security system relies on to verify identity.
Messenger is additionally used as an attack surface: scammers impersonate a target's friend and ask casually for their phone number or carrier name, framing it as a lost contacts request. The relaxed, familiar nature of Messenger conversations means many users share this information without concern.
How this scam works on Facebook
An attacker targeting a high-value individual maps their public Facebook profile and post history to compile answers to common carrier security questions: birth date, mother's maiden name, first pet, hometown, and high school. This information enables a convincing impersonation call to the carrier's customer service line requesting a SIM transfer.
Facebook Messenger impersonation involves cloning a mutual friend's account or messaging from a compromised account to ask the target directly for their phone number or to confirm which mobile carrier they use. The request is framed naturally — 'I lost all my contacts when I switched phones' — and the target volunteers the information without suspicion.
Some attackers build target lists by scraping Facebook groups dedicated to cryptocurrency or investment, identifying users who discuss significant holdings and then cross-referencing public profiles to assemble the data needed for a SIM swap attack.
Common red flags
- Your Facebook profile and posts collectively reveal enough detail to answer carrier security questions
- A Facebook friend unexpectedly asks for your phone number or carrier name without a clear reason
- Your phone loses signal unexpectedly and cannot send or receive messages or calls
- You receive account security emails or texts from services you did not initiate
- A friend reports their Facebook account was compromised around the time they messaged you asking for personal details
How to protect yourself
- Review your Facebook privacy settings and restrict personal details — particularly birthday, hometown, and relationship data — to friends or only you
- Set a SIM lock PIN with your carrier and request that number ports require in-store identity verification
- Be cautious about confirming your phone number or carrier to anyone via Messenger, even apparent friends
- Enable account activity alerts on all financial and email accounts so unexpected logins are flagged immediately
- Switch from SMS-based two-factor authentication to an authenticator app for all high-value accounts
How to report it
- Report any account impersonating a friend to Facebook using the 'Report' option on the profile
- Contact your mobile carrier's fraud department immediately if you believe a SIM swap has taken place
- File a report with your national cybercrime authority if financial accounts were accessed as a result
Frequently asked questions
Should I make my Facebook birthday private?
Yes. Your birthday is commonly used as a carrier account verification answer. Keeping it visible only to yourself or trusted friends significantly reduces the information available to a SIM swap attacker researching your profile.