Threat Glossary

What is SIM swapping?

SIM swapping (also called SIM hijacking or a port-out scam) is a social-engineering attack in which a criminal convinces your mobile carrier to transfer your phone number to a SIM card they control — instantly hijacking your calls, texts, and any SMS-delivered two-factor codes.

Your phone number has quietly become a master key. It receives password-reset links and one-time codes for your email, your bank, and your crypto exchange. SIM swapping attacks that key directly — not by hacking your phone, but by tricking the human at the carrier into handing your number to someone else. Here is how the attack runs and how to lock it down.

How a SIM swap works

The attacker doesn’t touch your device. Instead they impersonate you to your carrier:

  • Reconnaissance. They gather your name, phone number, address, and date of birth — typically from data brokers and old breaches — plus answers to common security questions.
  • The pretext. They call or visit a store claiming to be you with a “lost” or “damaged” phone, and ask the carrier to activate a new SIM. Sometimes they bribe or socially engineer a store employee directly.
  • The port. The carrier moves your number to the attacker’s SIM. Your real phone loses signal — often the only warning sign.
  • The payoff. With your number, they trigger password resets and intercept the SMS codes for your email, bank, and exchange accounts, draining them within minutes.

Warning sign: if your phone suddenly shows “No Service” or “SOS only” and it isn’t a network outage, treat it as a possible SIM swap in progress and contact your carrier immediately from another line.

Why attackers target your number

SIM swapping is popular because so many services still treat a phone number as proof of identity. Once an attacker owns your number, SMS two-factor stops protecting you and starts working for them — every reset code goes to their device. High-value targets are people with cryptocurrency, but anyone with a bank login, an email account, or valuable social media handles is worth swapping. Because the raw material is your leaked personal data, reducing that exposure directly reduces your risk.

Real-world examples

SIM-swap crews have stolen millions in cryptocurrency by hijacking the phone numbers of investors and executives, taken over high-value social media handles to resell them, and locked victims out of their own email and banking. In several documented cases the attackers succeeded not because of sophisticated hacking but because a carrier employee approved the change based on personal details that were freely available from data brokers. Cutting off that data supply is a first-order defense.

How to protect yourself

Concrete steps you can take today to reduce your exposure.

Set a carrier port-freeze / PIN

Every major carrier offers a Number Transfer PIN, port-out lock, or account passcode. Set one, and enable any “port protection” feature your carrier provides.

Move off SMS two-factor

Use an authenticator app or a hardware security key instead of text-message codes for your email, bank, and any crypto accounts. SMS is the weakest form of two-factor.

Protect your email first

Your email is the reset hub for everything else. Give it the strongest authentication you have so a hijacked number alone can’t open it.

Reduce your data exposure

SIM swaps run on your leaked name, address, and date of birth. Removing that data from brokers and breaches starves the social-engineering script.

Use a separate number for recovery

Consider a dedicated VoIP or secondary number for account recovery that isn’t your publicly known cell, so it can’t be socially engineered as easily.

Act fast on loss of service

If your phone unexpectedly loses signal, call your carrier immediately and check your key accounts — minutes matter during an active swap.

Frequently asked questions

How do I know if I’ve been SIM swapped?

The clearest sign is a sudden, unexplained loss of cellular service — no calls, texts, or data — that isn’t a network outage. You may also get notifications of logins or password changes you didn’t make. If this happens, contact your carrier from another line and secure your email and financial accounts right away.

Is SMS two-factor authentication still safe?

SMS two-factor is far better than no second factor, but it is the weakest option because it depends on control of your phone number, which a SIM swap defeats. For high-value accounts, use an authenticator app or a hardware security key instead.

Can a SIM swap be reversed?

Yes — your carrier can restore your number to your legitimate SIM, but any accounts the attacker accessed in the meantime may already be compromised. Speed is critical, which is why locking down your number and moving off SMS beforehand matters so much.

See what’s exposed about you — free

Attackers start with the data that’s already public: your leaked passwords, your breached accounts, and your address on data-broker sites. Run a free scan to see exactly what’s out there about you — then remove it.

The first scan is free with no signup. Broker removals are filed as your authorized agent under CCPA and state-equivalent law. Your results are private to you — we never sell your data.