SIM Swap Scams: How Criminals Hijack Your Phone Number

What Is a SIM Swap Scam?

A SIM swap scam happens when criminals convince your mobile carrier to transfer your phone number to a SIM card they control. Once they control your number, they receive your calls and text messages — including one-time login codes sent by banks, email providers, and social media apps.

In plain language: they steal your phone number so they can break into your accounts.

How Scammers Pull It Off

Criminals typically collect personal info about you first (from data breaches, phishing, social media, or previous scams). Then they contact your carrier pretending to be you and request a SIM replacement.

Common tactics include:

• Using stolen personal info to pass identity checks
• Calling customer service with a convincing story ("I lost my phone")
• Going to a store with fake ID documents
• Bribing insiders in rare but high-value cases

After the number is transferred, your real phone loses service and their phone starts receiving your text-based security codes.

Early Warning Signs

1) Your phone suddenly has no signal for no clear reason

If service disappears in an area where you usually have signal, and a restart doesn't help, treat it as suspicious.

2) You get account reset emails you didn't request

Especially for email, banking, and social media.

3) You can't log into accounts with your usual password

Password changes may have already happened.

4) Friends say they got strange messages "from you"

Once criminals access your accounts, they often continue spreading scams from your identity.

What Can Happen After a SIM Swap

• Email takeover (the most dangerous step)
• Banking and payment app access
• Social media account hijacking
• Marketplace account fraud in your name
• Crypto account withdrawals
• Identity theft attempts using your compromised profile

Because many accounts still rely on text-message verification, controlling your number can unlock almost everything connected to it.

What to Do in the First 30 Minutes

1. Call your mobile carrier immediately from another phone and say: "I suspect a SIM swap. Lock my number now."
2. Ask for a fraud/security freeze on number transfers and account changes.
3. Recover your primary email first (this is the master key to other accounts).
4. Change passwords for email, banking, and important apps from a trusted device.
5. Turn off SMS-based login where possible and switch to an authenticator app.
6. Call your bank/cards and request fraud monitoring or temporary hold if needed.

How to Recover Your Accounts

After immediate containment, do a full security reset:

• Change all important passwords to unique ones
• Sign out of all sessions/devices where each app allows
• Review account recovery settings (backup emails, phone numbers)
• Remove unknown trusted devices from your accounts
• Enable app-based two-factor login (not SMS)
• Check banking and card activity line by line
• Freeze your credit if personal data may have been exposed

How to Prevent It From Happening

• Add a carrier account PIN/passcode (different from your phone unlock code).
• Ask your carrier to enable "port freeze" or "number lock" if available.
• Use authenticator apps instead of text-message login codes whenever possible.
• Protect your email account like a vault with a strong unique password and two-step login.
• Reduce exposed personal info on social media (birthday, phone, address, etc.).
• Set account alerts for new logins and password changes.
• Use a password manager so every account has a unique password.

SIM swap scammers target people with valuable accounts, but anyone can be hit. A few setup steps now can save months of recovery later.

Frequently Asked Questions