SIM Swap Scams on Reddit
Fraudsters use Reddit to harvest personal details that enable SIM swap attacks — collecting phone numbers, carrier names, and account clues from public posts to impersonate victims to their mobile carrier.
Part of: SIM Swap Scams
Last reviewed: 1 June 2026
SIM swap fraud does not happen on a single platform but is often enabled by information collected across many. Reddit is a particularly rich source for attackers because users routinely share phone numbers in lost-device threads, publicly mention their mobile carrier in tech support posts, and disclose personal details in hobby communities that can answer security questions.
An attacker who reads a user's post history can piece together a name, rough location, phone number, email, and carrier — enough to construct a convincing impersonation call to a carrier's customer service line. Reddit's open archive means this information persists indefinitely and is searchable by anyone.
How this scam works on Reddit
An attacker targeting a specific Reddit user researches their post history to identify their phone number (often shared in 2FA-related threads or lost-device posts), carrier (mentioned in technical support communities), and personal details that double as security question answers (birthday, city, school).
Armed with this information, the attacker calls the carrier's support line pretending to be the victim, claims the phone was lost or damaged, and requests a SIM transfer to a new card under the attacker's control. Once the transfer is approved, all SMS-based two-factor authentication codes route to the attacker, enabling account takeovers across email, banking, and cryptocurrency platforms.
Reddit is also used as a marketplace where SIM swap services are advertised in private messages or thinly veiled coded posts in certain underground-adjacent communities.
Common red flags
- Unexpected loss of mobile service — calls and texts suddenly stop working without explanation
- Notification from your carrier about a SIM change or account update you did not authorise
- Unable to log in to accounts that use SMS-based two-factor authentication
- Unusual activity notices from banking or cryptocurrency accounts
- Realising your phone number appears in old public Reddit posts alongside carrier or personal details
How to protect yourself
- Add a PIN or passphrase to your mobile account — most carriers offer this as a SIM lock feature
- Remove your phone number from any public Reddit posts, particularly those in tech support or lost-device communities
- Switch from SMS-based two-factor authentication to an authenticator app for all high-value accounts
- Contact your carrier proactively to add a porting freeze or note that no number transfers should be processed without in-person ID verification
- Audit your Reddit post history for any combination of phone number, carrier name, or personal identifiers
How to report it
- Contact your mobile carrier's fraud department immediately if you suspect a SIM swap has occurred
- File a report with the FCC (in the US) at consumercomplaints.fcc.gov or your national telecoms regulator
- Report any Reddit account soliciting SIM swap services to the Reddit admins using the report function
Frequently asked questions
How quickly can a SIM swap attack drain my accounts?
Once an attacker controls your phone number, they can request password resets via SMS for email, banking, and crypto accounts within minutes. The speed depends on the platforms targeted, but significant financial losses have occurred in under an hour of a SIM swap being executed.