Recovery guide

SIM Swap Attack Recovery

If your phone number was hijacked, act immediately to restore it and secure every account that used SMS 2FA.

Last reviewed: 1 June 2026

First 10 minutes

Call your mobile carrier's fraud line immediately and report the unauthorised SIM swap
Ask them to reverse the swap and restore your number to your SIM
Ask them to place a port lock or SIM lock on your account
From a different device or via Wi-Fi calling, start changing passwords on financial and email accounts
Move 2FA away from SMS on critical accounts — use an authenticator app instead

First 24 hours

Change passwords and 2FA on every account that used SMS verification
Check financial accounts for any unauthorised transactions or withdrawals
Contact your bank and alert them to the SIM swap
Check email for password resets or logins triggered during the window
Report to your national fraud service and the carrier's formal complaints process

Contact your bank or payment provider

Alert your bank immediately — SIM swaps are commonly used to bypass banking 2FA
Ask them to add a verbal or in-branch verification requirement temporarily
Review recent transactions and dispute any unauthorised activity
Ask about replacing any compromised cards or authentication tokens

Evidence to preserve

Note the time and date your phone lost signal or you were locked out of accounts
Save any alerts from financial or other services during the attack window
Get a written confirmation from your carrier of the unauthorised swap
Record which accounts showed suspicious access or password resets

Secure your accounts and devices

Switch all important accounts from SMS 2FA to an authenticator app (e.g. Authy, Google Authenticator)
Add a carrier account PIN or passphrase to prevent future swaps
Review recovery options on all accounts and remove phone numbers where possible
Change passwords on any account accessed during the attack window
Check email for rules or forwarding set up by the attacker

Report it

Report to your mobile carrier's fraud team and get a case reference
Report to your national fraud/cybercrime service
Report to your national telecoms regulator if the carrier is unresponsive
Keep all reference numbers

A SIM swap transfers your mobile number to a new SIM card controlled by the attacker, giving them access to every service that sends verification codes by SMS. This is most often used to break into banking and cryptocurrency accounts.

The key steps are: restore your number with your carrier, change passwords and SMS-based 2FA on every sensitive account (working from a device that uses Wi-Fi, not your compromised phone number), and check for activity during the window you were locked out.

For prevention going forward, ask your carrier to add a port lock or account PIN, and switch important accounts to authenticator-app 2FA rather than SMS. Carriers and regulators in many countries take SIM fraud seriously — report formally and ask for written confirmation of the incident.

Frequently asked questions

How do I know if I have been SIM swapped?

Your phone loses signal suddenly (shows 'No Service' or 'SOS only'), you stop receiving calls and texts, and you may get alerts about password resets or logins you did not initiate.

Can my carrier reverse the SIM swap?

Yes — call them immediately and report it as fraud. They can restore your number to your original SIM and lock your account against further port attempts.

Is SMS two-factor authentication still worth using?

SMS 2FA is better than nothing, but authenticator apps are more secure. Wherever you have the option, switch to an authenticator app — especially for banking, email, and crypto.

Can I prevent future SIM swaps?

Ask your carrier to add a port protection PIN or verbal passphrase to your account. This adds a step that the attacker cannot easily bypass by social-engineering a store employee.

Sources

First 10 minutes

Call your mobile carrier's fraud line immediately and report the unauthorised SIM swap

Ask them to reverse the swap and restore your number to your SIM

Ask them to place a port lock or SIM lock on your account

From a different device or via Wi-Fi calling, start changing passwords on financial and email accounts

Move 2FA away from SMS on critical accounts — use an authenticator app instead

First 24 hours

Change passwords and 2FA on every account that used SMS verification

Check financial accounts for any unauthorised transactions or withdrawals

Contact your bank and alert them to the SIM swap

Check email for password resets or logins triggered during the window

Report to your national fraud service and the carrier's formal complaints process

Secure your accounts and devices

Switch all important accounts from SMS 2FA to an authenticator app (e.g. Authy, Google Authenticator)

Add a carrier account PIN or passphrase to prevent future swaps

Review recovery options on all accounts and remove phone numbers where possible

Change passwords on any account accessed during the attack window

Check email for rules or forwarding set up by the attacker

Frequently asked questions

How do I know if I have been SIM swapped?

Your phone loses signal suddenly (shows 'No Service' or 'SOS only'), you stop receiving calls and texts, and you may get alerts about password resets or logins you did not initiate.

Can my carrier reverse the SIM swap?

Yes — call them immediately and report it as fraud. They can restore your number to your original SIM and lock your account against further port attempts.

Is SMS two-factor authentication still worth using?

SMS 2FA is better than nothing, but authenticator apps are more secure. Wherever you have the option, switch to an authenticator app — especially for banking, email, and crypto.

Can I prevent future SIM swaps?

Ask your carrier to add a port protection PIN or verbal passphrase to your account. This adds a step that the attacker cannot easily bypass by social-engineering a store employee.