ScamWatch

If you feel you're being scammed in United States: Contact the Federal Trade Commission (FTC) at 1-877-382-4357 or report online at reportfraud.ftc.gov

SIM Swap Explained: How Scammers Hijack Numbers and Lock Down Your Phone Account


What is a SIM swap (SIM hijacking) and why it matters

A SIM swap (also called SIM hijacking, port-out scam, or simjacking) is a type of account takeover where a fraudster convinces a mobile carrier to move your phone number to a SIM card they control. Once they control your number, they can receive SMS verification codes and password reset links, unlock accounts protected by text-based multi-factor authentication, and take over email, banking, crypto, and social accounts.

This attack commonly starts with the criminal gathering personal information (from phishing, data breaches, social media, or bought data) and then using social engineering or forged documents to persuade a carrier rep to activate a new SIM or port the number to another provider. For a concise consumer explanation of how this works and basic protections, see guidance from the FTC.

How scammers typically carry out a SIM swap (step‑by‑step)

  1. Reconnaissance: The attacker gathers details — full name, birth date, phone number, last four digits of the SSN, account numbers, or answers to security questions — from breaches, social profiles, phishing, or data brokers.
  2. Contacting the carrier: Using that data, the scammer calls or chats with the carrier (or uses forged ID documents) and requests a SIM change or number port to a new device.
  3. Activation: If the carrier approves, the victim’s phone loses service while the attacker’s device receives calls and SMS messages for that number.
  4. Account takeovers: The attacker requests password resets or SMS codes sent to the hijacked number, then logs into email, bank, social and crypto accounts and may lock out the victim.

Security writeups and incident guides emphasize these human‑verification failures at carriers as the central weakness attackers exploit. Real‑world case reports and consumer advisories describe these same steps.

Warning signs and immediate actions if you suspect a SIM swap

Warning signs: your phone suddenly loses service, you get unexpected "SIM activated" messages, you can’t log in to accounts that previously accepted your password, or you see unfamiliar account reset emails or withdrawal alerts.

If you notice any of the above, act quickly:

  • Contact your mobile carrier immediately (use a different device or landline). Ask them to freeze or reclaim the number and to block any further porting or SIM changes.
  • Log in to your email, bank, and other primary accounts (or call the providers) from a secure device and change passwords and recovery options. If you can't access email, contact the provider's support line as a priority.
  • Report the incident to the FTC at ReportFraud.ftc.gov and, for serious financial losses, file a report with the FBI/IC3. Also notify your bank and card issuers right away to block or monitor transactions.

Consumer security sites and incident-response guides list these same first steps for containment and reporting.

How to lock down your phone account and reduce risk

Make it harder for scammers to succeed by using layered protections at both your carrier and your accounts:

  • Enable a carrier account lock / port freeze / number lock: Most major U.S. carriers provide features that block SIM changes and number porting unless you explicitly remove the lock (sometimes called Number Lock, Port Freeze, Account Lock, or SIM Protection). These stop many port‑out and SIM change attempts if properly enabled. Recent carrier rollouts — for example AT&T's Account Lock — are explicitly aimed at preventing SIM swap attacks.
  • Set a strong account PIN/password with your carrier: Create a unique, complex passcode or PIN on your wireless account and don’t use easily found personal info.
  • Prefer authenticator apps or hardware keys over SMS 2FA: Move critical accounts (email, banks, crypto, social) to an authenticator app (Authy, Google Authenticator, Microsoft Authenticator) or a phishing‑resistant hardware key (FIDO2/U2F) where possible — SMS is vulnerable to SIM attacks. The FTC and consumer security groups recommend replacing SMS-based 2FA for high-value accounts.
  • Limit personal data exposure: Remove or protect phone numbers and identifiable details on social media and accounts that feed carrier verification processes.
  • Require in‑store or out‑of‑band verification: Ask your carrier to require in‑person ID or a prearranged alternate contact to approve SIM/eSIM changes where that option is available.
  • Set a SIM PIN and lock your voicemail: Set a SIM PIN (device-level) and a secure voicemail password so attackers can’t use those channels for resets.

Technical explainers and carrier‑best‑practice articles show that port‑out locks combined with strong account PINs and non‑SMS MFA are among the most effective defenses.

Longer‑term protections and what to do after recovery

After you regain the number, review and secure every account that used SMS 2FA or where a password reset could be sent to your phone. Steps include:

  • Change passwords to long, unique values (use a password manager).
  • Replace SMS 2FA with an authenticator app or hardware key on high‑value accounts.
  • Check account recovery options (alternate emails, phone numbers) and remove stale entries.
  • Monitor bank and credit reports; place a fraud alert or credit freeze if financial data was exposed.
  • Keep detailed notes (dates, account reps, confirmation numbers) and report to the FTC (ReportFraud.ftc.gov) and your local law enforcement; if crypto was stolen, tell exchanges immediately — funds are often unrecoverable but rapid reporting helps investigations.
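
The account review above can be worked through systematically. The following Python script is an added example, not part of the original article: it walks a constructed account inventory and marks which accounts fall once the number is hijacked, including accounts reachable only through an email account that falls first. The account names, field names and the takeover model are assumptions of this example.

```python
# Constructed sample inventory (hypothetical accounts). For each account:
# reset_via = channels that can reset its password, second_factor = its MFA.
ACCOUNTS = {
    "email-primary":    {"reset_via": ["sms"], "second_factor": "sms"},
    "bank":             {"reset_via": ["email-primary"], "second_factor": "sms"},
    "crypto-exchange":  {"reset_via": ["email-primary"], "second_factor": "totp"},
    "social":           {"reset_via": ["email-primary", "sms"], "second_factor": None},
    "email-backup":     {"reset_via": ["recovery-codes"], "second_factor": "hardware-key"},
    "password-manager": {"reset_via": ["email-backup"], "second_factor": "hardware-key"},
}

def audit(accounts, hijacked="sms"):
    """Return {account: status} for a takeover of the `hijacked` channel.

    Model (an assumption of this example): an account is "exposed" when a
    channel the attacker controls can reset its password and its second
    factor is missing or is the hijacked channel. An exposed account then
    becomes a controlled channel itself, so exposure spreads transitively.
    """
    controlled = {hijacked}
    status = {name: "not reachable" for name in accounts}
    changed = True
    while changed:                      # repeat until no new account falls
        changed = False
        for name, acct in accounts.items():
            if status[name] == "exposed":
                continue
            if not controlled.intersection(acct["reset_via"]):
                continue                # no controlled channel can reset it
            if acct["second_factor"] in (None, hijacked):
                status[name] = "exposed"
                controlled.add(name)
                changed = True
            else:                       # reset possible, non-SMS factor holds
                status[name] = "password resettable"
    return status

def harden(accounts, name, second_factor, reset_via):
    """Return a copy of the inventory with one account's settings replaced."""
    updated = dict(accounts)
    updated[name] = {"reset_via": list(reset_via), "second_factor": second_factor}
    return updated

if __name__ == "__main__":
    for name, state in audit(ACCOUNTS).items():
        print(f"{name:18} {state}")
    # Moving the primary email off SMS cuts the chain to the bank.
    fixed = harden(ACCOUNTS, "email-primary", "totp", ["recovery-codes"])
    print(audit(fixed))
```

Accounts reported as "password resettable" still rely on their non-SMS factor holding, so their recovery options belong on the review list as well.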

If you believe the carrier mishandled the incident, escalate to their executive customer service or a telecom ombudsman and consider filing a complaint with the FCC or your state attorney general. Consumer guides and state financial authorities highlight these recovery steps as standard practice.

Takeaway

SIM swapping is a high‑impact scam that exploits carrier verification processes and SMS‑based authentication. The most effective defenses combine carrier account locks (port freezes/number locks), a unique carrier PIN, and moving critical accounts away from SMS codes to authenticator apps or hardware keys. If you suspect a swap, contact your carrier and financial institutions immediately, change passwords from a secure device, and report the incident to the FTC and law enforcement.

For step‑by‑step consumer advice and to file a report, start with the FTC consumer guidance and your carrier’s security pages.